Bug #42952 [Com]: soap cache file is created with insecure permissions on some configurations
Edit report at https://bugs.php.net/bug.php?id=42952&edit=1 ID: 42952 Comment by: joey dot cai at gmail dot com Reported by:glen at delfi dot ee Summary:soap cache file is created with insecure permissions on some configurations Status: Closed Type: Bug Package:SOAP related Operating System: PLD Linux PHP Version:5.2.4 Assigned To:dmitry Block user comment: N Private report: N New Comment: The original diff is no longer available since cvs.php.net is long gone. But according to the git log. This patch introduced a bug that only the creator of the cache file can access it. Users with different UIDs have no permission. I think both #51407 and #61094 point to the same thing. I saw from the comments that you talked about keeping user id (getuid()) in the cache filename, but somehow that doesn't show up in the code. Can you check that, @dmitry? Thank you Previous Comments: [2007-11-23 10:06:21] dmi...@php.net Fixed in CVS HEAD and PHP_5_3. http://cvs.php.net/viewvc.cgi/php-src/ext/soap/php_sdl.c?r1=1.88.2.12.2.9&r2=1.88.2.12.2.9.2.1&diff_format=u [2007-11-01 16:10:26] glen at delfi dot ee That would be fine (at least not closed as bogus). Distributions are free to backport changes they like :) [2007-11-01 14:14:14] dmi...@php.net I thought about it. It may be good for php-5.3.0, but I don't like to make such change in 5.2.* [2007-11-01 14:10:02] glen at delfi dot ee So perhaps keep user id (getuid()) in the cache filename? [2007-11-01 13:32:18] dmi...@php.net Even one SAPI in shared environment will have the same issue. If you have several php-cgi processes with different UID, only one of them will own the cache file, and all others won't be able to access it. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=42952 -- Edit this bug report at https://bugs.php.net/bug.php?id=42952&edit=1
Req #53434 [Com]: More details for slow requests
Edit report at https://bugs.php.net/bug.php?id=53434&edit=1 ID: 53434 Comment by: joey dot cai at gmail dot com Reported by:webmaster_apc at colnect dot com Summary:More details for slow requests Status: Closed Type: Feature/Change Request Package:FPM related Operating System: gentoo linux PHP Version:5.3.1RC1 Assigned To:fat Block user comment: N Private report: N New Comment: The current slow log records in php-fpm.log log SCRIPT_NAME as the request uri. For webapps built on top of mvc framework such as symfony or zend framework with a front controller and routing enabled (or requests with query strings), this information is not sufficient enough to track down the source of the slow requests easily. A patch will be attached which logs HTTP_HOST and REQUEST_URI of slow requests in php-fpm.log. It might not be the cleanest solution since I'm not a C programmer. But the patch does solve our problem. Please take it look at it. thank you. Previous Comments: [2011-01-29 12:48:41] webmaster_apc at colnect dot com Thanks for the fix :) I'll be happy to see it when the next PHP version is released on Gentoo. Cheers [2011-01-29 12:43:45] f...@php.net This bug has been fixed in SVN. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. I've added the request method and the request uri in the slowlog timeout and slowlog terminated log message: [29-Jan-2011 12:41:59.741208] WARNING: pid 32110, fpm_request_check_timed_out(), line 147: [pool www_chroot] child 32111, script '/html/test8.php' (request: "GET /chroot/test8.php") executing too slow (1.051049 sec), logging [29-Jan-2011 12:42:00.783410] WARNING: pid 32110, fpm_request_check_timed_out(), line 157: [pool www_chroot] child 32111, script '/html/test8.php' (request: "GET /chroot/test8.php") execution timed out (2.092626 sec), terminating [2011-01-29 12:41:47] f...@php.net Automatic comment from SVN on behalf of fat Revision: http://svn.php.net/viewvc/?view=revision&revision=307843 Log: - Fixed bug #53434 (php-fpm slowlog now also logs the original request). - Fixed the missing peace of code on revision 307842 [2011-01-29 12:38:21] f...@php.net Automatic comment from SVN on behalf of fat Revision: http://svn.php.net/viewvc/?view=revision&revision=307842 Log: - Fixed bug #53434 (php-fpm slowlog now also logs the original request). [2010-12-06 09:26:15] f...@php.net Oh hell yes ... I did not understand your need. I'll see how complicated this is to add the request which triggers the slowlog entries. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=53434 -- Edit this bug report at https://bugs.php.net/bug.php?id=53434&edit=1
Req #53434 [Com]: More details for slow requests
Edit report at https://bugs.php.net/bug.php?id=53434&edit=1 ID: 53434 Comment by: joey dot cai at gmail dot com Reported by:webmaster_apc at colnect dot com Summary:More details for slow requests Status: Closed Type: Feature/Change Request Package:FPM related Operating System: gentoo linux PHP Version:5.3.1RC1 Assigned To:fat Block user comment: N Private report: N New Comment: I forgot to mention that the diff was generated against php-5.3.20. Previous Comments: [2013-01-15 06:58:12] joey dot cai at gmail dot com The current slow log records in php-fpm.log log SCRIPT_NAME as the request uri. For webapps built on top of mvc framework such as symfony or zend framework with a front controller and routing enabled (or requests with query strings), this information is not sufficient enough to track down the source of the slow requests easily. A patch will be attached which logs HTTP_HOST and REQUEST_URI of slow requests in php-fpm.log. It might not be the cleanest solution since I'm not a C programmer. But the patch does solve our problem. Please take it look at it. thank you. [2011-01-29 12:48:41] webmaster_apc at colnect dot com Thanks for the fix :) I'll be happy to see it when the next PHP version is released on Gentoo. Cheers [2011-01-29 12:43:45] f...@php.net This bug has been fixed in SVN. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. I've added the request method and the request uri in the slowlog timeout and slowlog terminated log message: [29-Jan-2011 12:41:59.741208] WARNING: pid 32110, fpm_request_check_timed_out(), line 147: [pool www_chroot] child 32111, script '/html/test8.php' (request: "GET /chroot/test8.php") executing too slow (1.051049 sec), logging [29-Jan-2011 12:42:00.783410] WARNING: pid 32110, fpm_request_check_timed_out(), line 157: [pool www_chroot] child 32111, script '/html/test8.php' (request: "GET /chroot/test8.php") execution timed out (2.092626 sec), terminating [2011-01-29 12:41:47] f...@php.net Automatic comment from SVN on behalf of fat Revision: http://svn.php.net/viewvc/?view=revision&revision=307843 Log: - Fixed bug #53434 (php-fpm slowlog now also logs the original request). - Fixed the missing peace of code on revision 307842 [2011-01-29 12:38:21] f...@php.net Automatic comment from SVN on behalf of fat Revision: http://svn.php.net/viewvc/?view=revision&revision=307842 Log: - Fixed bug #53434 (php-fpm slowlog now also logs the original request). The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=53434 -- Edit this bug report at https://bugs.php.net/bug.php?id=53434&edit=1
