Hi Bug #14923 concerns PHP's is_writable, etc., functions & POSIX ACLs. Likewise, Bug #30931 concerns the same thing. According to this bug, PHP is not using the access() system call to determine file access, but doing its own computation based on the file's uid, gid, groups & mode. Now, the bug tracking system reports that sterling fixed this in CVS on 2 Jul 2002. However, my testing in PHP 5.0.5 indicates this bug is still there. Comments of various people in #30931 confirm this. #30931 was marked "no feedback"...
And examining the PHP source code for 5.0.5 (ext/standard/filestat.c), I see it is still doing its on computation rather than calling the access() system call. Under 4.3.11, I observe in the same file that it is calling VCWD_ACCESS, but only under WIN32. Using access() rather than doing a computation based on access modes is the "Right Thing To Do", since most modern OSs support significantly more complex security architectures than can be expressed using traditional unix permissions. And frankly, how the OS' security model works in not something PHP should be concerned with. It should simply ask the OS to do all that working out for it... Cheers Simon Kissane ---------------------------------------------- Simon Kissane Web Developer/Programmer Macquarie University 2109 [EMAIL PROTECTED] +61 2 9850 6552 ---------------------------------------------- -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
