Edit report at https://bugs.php.net/bug.php?id=61435&edit=1
ID: 61435
Comment by: lekensteyn at gmail dot com
Reported by: php at grange dot me
Summary: PHP-FPM logs are not readable by group/others by
default
Status: Assigned
Type: Feature/Change Request
Package: FPM related
PHP Version: 5.3.10
Assigned To: fat
Block user comment: N
Private report: N
New Comment:
No need to apologize, I do care but apparently it is not very high on the to-do
list of PHP devs (if there are any).
In January of this year, I reported an open_basedir-related security bug on
this website, to which I still haven't got any reply yet. I wonder if somebody
is actually using bug tracker besides users.
Previous Comments:
------------------------------------------------------------------------
[2013-09-14 07:11:23] php at grange dot me
Sorry, I fixed my patch on our systems but didn't take time to upload it here
as
nobody seemed to care. Thank you.
------------------------------------------------------------------------
[2013-09-07 13:53:38] lekensteyn at gmail dot com
Patch refreshed for context in PHP 5.5.3 (no other changes). Could you please
consider fixing this bug that has been present for over a year? A patch is
available.
------------------------------------------------------------------------
[2013-02-03 12:06:15] lekensteyn at gmail dot com
I have attached a new patch (the old one was incompatible with 5.3). I have
also changed "a+" to "a" as fpm_php_trace_dump is only writing to the file, not
reading. According to the manpage, fdopen must have a mode that is compatible
with the fd. In the old patch, there was a mismatch between a+ and O_WRONLY.
------------------------------------------------------------------------
[2012-03-19 11:29:10] php at grange dot me
Description:
------------
Hello,
errorlog, slowlog and accesslog are created with permissions set to 0600 by
default on PHP 5.3 and 5.4.
Those files are often owned by root (at least in our setup but probably in a
lot
of setups), which makes it not convenient for developers to read them. They may
contain useful information, such as PHP crashes.
Failing to fix it with umask in php-fpm init script (not mentioning the fact
that it would affect php scripts too), I wrote a simple patch against
PHP-5.3.10
to modify open() calls with 0644 perms.
Note that Apache uses 0644 by default for its logs.
Olivier
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=61435&edit=1
