From:             
Operating system: RHEL 5
PHP version:      5.2.14
Package:          Unknown/Other Function
Bug Type:         Bug
Bug description:  tempnam() in SAFE Mode

Description:
------------
Dear PHP Team,

We are using PHP 5.2.13 and safe_mode is ON.

We have a problem using tempnam. At first we had tempnam('',tempfile);

This did not work - error "can not access /tmp"

Later I investigated and have written the test script, and see the following
behavior. Attention: the script must be owned by a non-root user.

The script with 7th line $tmp_name = tempnam ( 'tmp', 'tempname' ); works
fine, also with safe_mode.

When I change it to $tmp_name = tempnam ( '/tmp', 'tempname' ); a safe_mode
restriction takes effect (the one which compares UID/GID) and puts out

Warning: tempnam() [function.tempnam]: SAFE MODE Restriction in effect. The
script whose uid/gid is 506/506 is not allowed to access /tmp owned by
uid/gid 0/0 in /home/httpd/html/default/tempfile.php on line 7

But why does it work without the beginning '/'?

Can you clarify this behavior please? Another issue is that when I try
with $tmp_name = tempnam ( '/tmp', 'tempname' ); it does not make a
difference putting /tmp into open_basedir or safe_mode_include_dir; it does
not work.

I have also read the changelog and have found that since PHP 5.2.12 some
issues with tempnam and safe_mode have been fixed - there was a bug that
tempnam ignores safe_mode. And this is correct, because I tested with PHP
5.2.11 and it worked with /tmp also. Can you tell me what exactly has
changed since version 5.2.12?

Test script:
---------------
<?PHP

$xx = sys_get_temp_dir();
echo $xx . '<br>';
for ( $x = 0; $x <= 5; $x++ )
{
  $tmp_name = tempnam ( 'tmp', 'tempname' );
  echo $tmp_name . '<br>';
}
$str = 'standing in a tempfile';
$tmp_file = fopen ( $tmp_name, 'w' );
fputs ( $tmp_file, $str );
fclose ( $tmp_file );
$fp = fopen ( $tmp_name, 'r' );
$str = fgets ( $fp, 50 );
fclose ( $fp );
echo $str;
?>

Expected result:
----------------
The script above works fine, also in safe mode. Changing the 7th line from

$tmp_name = tempnam ( 'tmp', 'tempname' );

to

$tmp_name = tempnam ( '/tmp', 'tempname' );

brings a safe_mode restriction, which is also OK, but why does it work
without / and why does it not make a difference putting /tmp into
open_basedir or safe_mode_include_dir?

-- 
Edit bug report at http://bugs.php.net/bug.php?id=52624&edit=1