From: amicka at gmail dot com Operating system: FreeBSD 4.11 PHP version: 4.4.2 PHP Bug Type: Session related Bug description: session.save_path and safe_mode
Description: ------------ We are using mod_php and providing per-site configuration directives in httpd.conf I am testing with a phpinfo() file, owned by uid/gid 1000/1000 When safe_mode is enabled, we receive the following error: PHP Warning: Unknown(): SAFE MODE Restriction in effect. The script whose uid/gid is 0/0 is not allowed to access /www/example.com/tmp owned by uid/gid 1000/1000 in Unknown on line 0 PHP Warning: Unknown(): open(/tmp/sess_659835e0c801f8cfcf46c1740c026d08, O_RDWR) failed: Permission denied (13) in Unknown on line 0 PHP Warning: Unknown(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 * Because my info.php file is owned by uid=1000, the "script whose uid/gid is 0/0" error SHOULD NOT APPEAR. It is erroneously using 0/0 for its checks * Because /www/example.com/tmp is in my safe_mode_include_dir path, the above error shouldn't apply anyway * Because my session.save_path is /www/example.com/tmp , it SHOUD NOT be attempting to write to /tmp My current workaround is to chown /www/example.com/tmp to 0:0, which is preferable in my environment. But this still indicates a bug. php.ini is similar to the ini-recommended file, plus safe_mode = On Per-site overrides: <VirtualHost *:80> ServerName www.example.com DocumentRoot /www/example.com/www SetEnv PHP_DOCUMENT_ROOT /www/example.com/www SetEnv PHPRC /www/example.com/conf php_admin_value doc_root /www/example.com/www </VirtualHost> <Directory /www/virtual/example.com/> php_admin_value session.save_path "/www/example.com/tmp/" php_admin_value upload_tmp_dir "/www/example.com/tmp/" php_admin_value safe_mode_include_dir "/www/lib/:/www/sharedlib/:/www/example.com/tmp/:/dev/null:/usr/local/lib/php/" php_admin_value open_basedir /www/lib/:/www/example.com/ </Directory> -- Edit bug report at http://bugs.php.net/?id=36532&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=36532&r=trysnapshot44 Try a CVS snapshot (PHP 5.1): http://bugs.php.net/fix.php?id=36532&r=trysnapshot51 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=36532&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=36532&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=36532&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=36532&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=36532&r=needscript Try newer version: http://bugs.php.net/fix.php?id=36532&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=36532&r=support Expected behavior: http://bugs.php.net/fix.php?id=36532&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=36532&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=36532&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=36532&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=36532&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=36532&r=dst IIS Stability: http://bugs.php.net/fix.php?id=36532&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=36532&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=36532&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=36532&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=36532&r=mysqlcfg
