#2322 (ok 2.11?) open_basedir with upload tmpdir outside

Latest_Git
fixed
5
2014-08-18
2006-12-14
Sebastian Mendel
No

can someone confirm file uploads with open_basedir restrictions do not work with no upload_tmp_dir set (on Windows)?

open_basedir = "c:\\htdocs"
;upload_tmp_dir =

PHP 5.2.0 mod / Apache 2.0.55 / Windows XP

without open_basedir restriction file uploads work, with or without upload_tmp_dir set

p.s. marc, yes i am working on this - but my email account is offline since yesterday ...

Discussion

  • Marc Delisle
    2006-12-14

    Logged In: YES
    user_id=210714
    Originator: NO

    Thanks Sebastian.
    Do you want some testing done only on Windows?

     
  • Logged In: YES
    user_id=326580
    Originator: YES

    ok - so we/i should add some check and warn the user if upload tmp dir is not set ...

    another point: with open_basedir restrictions enabled and upload_tempdir outside of open_basedir i still get a php warning about "open_basedir restrictions blah blah ..." when using move_uploaded_file() - but it works, the file is moved and can be inserted into the table field ... weird ... is this a windows only problem?

    @marc: by default there is a upload_tempdir set on non windows systems, only on windows is this directive left empty by default ...

     
  • Jürgen Wind
    2006-12-14

    Logged In: YES
    user_id=1383652
    Originator: NO

    win2k, php5.14, mysql 5.021 :

    ####
    open_basedir = D:/HTdocs
    ;upload_tmp_dir=

    Warning: fopen() [function.fopen]: open_basedir restriction in effect. File(c:\tmp\phpA7.tmp) is not within the allowed path(s): (D:/HTdocs) in D:\HTdocs\PmaTrunk\libraries\tbl_replace_fields.inc.php on line 45

    Inserted rows: 1
    SQL query: INSERT INTO `db~a` ( `c1` , `DATE` , `blobF` )
    VALUES (
    'c1ds1', '0', ''
    );____________^ (blob field is empty instead of uploaded file content)

    ----
    open_basedir = D:/HTdocs
    upload_tmp_dir = D:/HTdocs/tmp

    Inserted rows: 1
    SQL query: INSERT INTO `db~a` (`c1`, `DATE`, `blobF`) VALUES ('open_basedir = D:/HTdocs , upload_tmp_dir = D:/HTdocs/tmp', '0', 0x2d2d207068704d7941646d696e2053514c2044756d700a2d2d2076657273696f6 ....

    ####
    ;open_basedir=
    ;upload_tmp_dir=

    Inserted rows: 1
    SQL query: INSERT INTO `db~a` (`c1`, `DATE`, `blobF`) VALUES ('without base_dir restriction', '0', 0x2d2d207068704d7941646d696e2053514c2044756d700a2d2d207665720322e31302e ....

     
  • Jürgen Wind
    2006-12-14

    Logged In: YES
    user_id=1383652
    Originator: NO

    addition:
    my tests were using pma trunk

    >with open_basedir restrictions enabled and upload_tempdir outside of open_basedir
    ---8<---
    >but it works, the file is moved and can be inserted into the table field

    not on my tests, blob is empty!

     
  • Logged In: YES
    user_id=326580
    Originator: YES

    >> with open_basedir restrictions enabled and upload_tempdir _outside_ of open_basedir
    >> i still get a php warning about "open_basedir restrictions blah blah ..." when using
    >> move_uploaded_file()
    >> but it works, the file is moved and can be inserted into the table field
    >
    > not on my tests, blob is empty!

    open_basedir = c:\\htdocs
    upload_tmp_dir = c:\\tmp

    in general, not in PMA (with the current code) ...

     
  • Jürgen Wind
    2006-12-15

    Logged In: YES
    user_id=1383652
    Originator: NO

    >in general,
    what do you mean by that?
    >not in PMA (with the current code) ...
    what else?
    i used the current PMA (trunk) code.

    you asked if anyone could confirm, so i did the tests using the previously documented settings.
    on *my* win2k system the tests delivered the expected results, especially if upload_temp_dir is blocked by the open_basedir setting the blob field is *not* populated with uploaded data.

    perhaps i just didn't get the point.

     
  • Marc Delisle
    2006-12-16

    Logged In: YES
    user_id=210714
    Originator: NO

    Can we change this thread's subject to "open_basedir support"? There are many places where open_basedir is not correctly supported, for example in libraries/import.lib.php PMA_detectCompression(). It tries a fopen() which fails because the uploaded file has not yet been moved.

    Maybe we need PMA_fopen() which would take care of move_uploaded_file() if necessary, sending the file to a configured subdir. Note: if the file is moved, maybe we should define some PMA_IMPORTED_FILE_PATH so that the rest of the code (see import.php) does not try to open $import_file again?

     
    • summary: open_basedir and field uploads --> open_basedir with upload tmpdir outside
     
  • Logged In: YES
    user_id=326580
    Originator: YES

    i have changed the code in the tbl_* - should work now

    it tries to create the tmp subfolder if not exists and tmp upload folder is outside of open_basedir

    i have found only two additional places where files can be uploaded:

    [form] -> [target script]
    display_import.lib.php -> import.php
    sql_query_form.lib.php -> import.php

     
  • Marc Delisle
    2007-01-04

    Logged In: YES
    user_id=210714
    Originator: NO

    Sebastian,
    did you commit?

     
  • Logged In: YES
    user_id=326580
    Originator: YES

    2006-12-19 Sebastian Mendel <cybot_tm@users.sourceforge.net>
    * tbl_change.php, tbl_replace.php, include/tbl_replace_fields.inc.php:
    refactored: made register_globals independent; added documentation;

     
  • Marc Delisle
    2007-01-05

    Logged In: YES
    user_id=210714
    Originator: NO

    Sebastian,
    I tested under Linux. In safe mode, the new code fails.
    In non_safe mode, I get a permission denied for the mkdir. I failed to understand why :)

    P.S. the new code should remove the need for FAQ 1.11 ?

     
  • Marc Delisle
    2007-01-20

    Logged In: YES
    user_id=210714
    Originator: NO

    Sebastian,
    any progress on this?

     
  • Logged In: YES
    user_id=326580
    Originator: YES

    please test SVN - added some more checks and detailed error messages in case of upload errors

    tmp dir can only be created if webuser has execute ('x') rights for the phpMyAdmin folder ...

     
  • Marc Delisle
    2007-01-30

    Logged In: YES
    user_id=210714
    Originator: NO

    Ok I'm testing...

     
  • Marc Delisle
    2007-01-31

    Logged In: YES
    user_id=210714
    Originator: NO

    Test 1: open_basedir defined and safe_mode set to Off. It works but the web server's user must also have write access to the phpMyAdmin folder.

     
  • Marc Delisle
    2007-01-31

    Logged In: YES
    user_id=210714
    Originator: NO

    Test 2: open_basedir defined, safe_mode set to On. It works (same write need as test 1).

    Sebastian, don't you think that asking that phpMyAdmin's folder be write-enabled for the web user, is too much on a shared server on which the admin sets open_basedir restrictions?

     
  • Logged In: YES
    user_id=326580
    Originator: YES

    yes - as i wrote "tmp dir can only be created if webuser has execute ('x') rights for the phpMyAdmin folder" i would not suggest to enable this right on every installation - i just would make clear that this right is required to automatically create this folder if not existent

    if this right is missing there should come up an error message - or not?

     
  • Marc Delisle
    2007-01-31

    Logged In: YES
    user_id=210714
    Originator: NO

    Sebastian,
    you wrote about 'x' right, I am talking about the 'w' right.

     
  • Logged In: YES
    user_id=326580
    Originator: YES

    oh sorry - i meant the right required to create new subdirs ... of course this is the 'w' right ... ;-)

     
  • Marc Delisle
    2007-02-01

    Logged In: YES
    user_id=210714
    Originator: NO

    Sebastian,
    I think that "normal" users on a shared server (where the admin has set an open_basedir restriction) are not allowed to do a chown of their PMA directory to the webuser. They might also not be able to do, say, a chmod 777 on a tmp directory if their ftp server does not allow chmod. Assume that in most cases they do not have shell access.

     
  • Logged In: YES
    user_id=326580
    Originator: YES

    marc: i fully understand what you are saying - i know that in most cases creating this dir will fail - what i do not understand is why we are discussing this?

    should i remove these lines? why? it is not a mistake to try to create this dir, or?

    and if this dir is still missing, even after trying to create it, the user will get an error message, or not?

    just tell me what you are expecting phpMyAdmin should do in this case but is not doing.

    i am just a little bit confused not getting the point of this 'problem'.

     
  • Marc Delisle
    2007-02-01

    Logged In: YES
    user_id=210714
    Originator: NO

    Sebastian,
    I expect that phpMyAdmin can allow uploading to a field, in all circumstances, but maybe I expect too much. In my case, I have defined open_basedir and I get a PHP warning: permission denied on the mkdir, perhaps we need @mkdir.
    Then I get an error for the message, I think $GLOBALS['strFieldInsertFromFileTempDirNotExists'] does not exist. What was the message you intended for this? Just a pointer to FAQ 1.11 ?

    Another thing I don't understand: is there a relation between open_basedir and upload_tmp_dir. Should the sysadmin always include the upload_tmp_dir inside the string defined as open_basedir?

    It's OK for PMA to try to create this directory even if it will fail most of the times.

     
  • Logged In: YES
    user_id=326580
    Originator: YES

    Marc - my canadian friend - :-) ,
    as i read the PHP manual:

    upload_tmp_dir can be outside of open_basedir - then you have to move_uploaded_file() inside open_basedir before you can access the uploaded file

    i have a different opinion for using @ - it is not our fault if display_errors is enabled - and using @ makes much much much trouble finding the source for errors - at least phpMyAdmin could just disable display_errors instead of using this evil @

    'strFieldInsertFromFileTempDirNotExists': pointer to FAQ 1.11, yes - i forgot - sorry
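
The handling discussed in this thread (move the upload inside open_basedir before opening it), as an added example that is not phpMyAdmin's code and not part of any comment above. read_uploaded_blob() and $stagingDir are hypothetical names, and the staging directory is assumed to exist already inside open_basedir and to be writable by the web server user.

```php
<?php
// Added example, not phpMyAdmin code. read_uploaded_blob() and $stagingDir
// are hypothetical; $stagingDir must lie inside the open_basedir paths.
// Requires PHP 7+ (random_bytes, typed signature).
function read_uploaded_blob(array $file, string $stagingDir): string
{
    $error = $file['error'] ?? UPLOAD_ERR_NO_FILE;
    if ($error !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed, PHP upload error code ' . $error);
    }
    // Confirms the path came from PHP's own upload handling. This check does
    // not open the file, so it works while the file is outside open_basedir.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    // Report a clear error instead of attempting mkdir() in the application
    // folder, which needs write access most shared hosts do not grant.
    if (!is_dir($stagingDir) || !is_writable($stagingDir)) {
        throw new RuntimeException('Staging directory missing or not writable');
    }
    // Server-chosen random name: never reuse the client-supplied filename.
    $target = $stagingDir . DIRECTORY_SEPARATOR . 'upload_' . bin2hex(random_bytes(16));
    // move_uploaded_file() applies open_basedir to the destination only, so
    // the source may sit in an upload_tmp_dir outside the allowed paths.
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('Could not move upload into staging directory');
    }
    try {
        // The file is now inside open_basedir, so normal file access works.
        $data = file_get_contents($target);
        if ($data === false) {
            throw new RuntimeException('Could not read staged upload');
        }
        return $data;
    } finally {
        unlink($target); // do not leave uploaded data behind on disk
    }
}

// Usage (form field name 'blobF' and path are constructed for illustration):
// $blob = read_uploaded_blob($_FILES['blobF'], __DIR__ . '/tmp');
```

Keeping the staging directory out of the web-served tree, or denying HTTP access to it, avoids exposing staged uploads during the short window before they are deleted.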

     