archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 13:38:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge branch 'pull-request/1360' into PHP-7.0

Browse source 
* pull-request/1360:
  Fixed bug #69582 session not readable by root in CLI
  news entry for PR #1360
This commit is contained in:
Joe Watkins 2017-01-06 06:02:36 +00:00
commit b0ff9ee688
No known key found for this signature in database
GPG key ID: F9BA0ADA31CBD89E
2 changed files with 11 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
ext/session/mod_files.c
View file

@ -196,8 +196,14 @@ static void ps_files_open(ps_files *data, const char *key)
if (data->fd != -1) {
#ifndef PHP_WIN32
/* check that this session file was created by us or root we
don't want to end up accepting the sessions of another webapp */
if (fstat(data->fd, &sbuf) || (sbuf.st_uid != 0 && sbuf.st_uid != getuid() && sbuf.st_uid != geteuid())) {
don't want to end up accepting the sessions of another webapp
If the process is ran by root, we ignore session file ownership
Use case: session is initiated by Apache under non-root and then
accessed by backend with root permissions to execute some system tasks.
*/
if (zend_fstat(data->fd, &sbuf) || (sbuf.st_uid != 0 && sbuf.st_uid != getuid() && sbuf.st_uid != geteuid() && getuid() != 0)) {
close(data->fd);
data->fd = -1;
php_error_docref(NULL, E_WARNING, "Session data file is not created by your uid");