makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-26 20:08:55 +00:00
Code Issues Projects Releases Packages Wiki Activity

backport 3.2 version of phpbb_chmod() - need to be tested further...

Browse source 
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9394 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2009-03-18 18:09:14 +00:00
parent 159eb5cbb4
commit 233e62f0b5
1 changed files with 78 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

110
phpBB/includes/functions.php
View file

@ -461,8 +461,9 @@ function _hash_crypt_private($password, $setting, &$itoa64)
/** /**
* Global function for chmodding directories and files for internal use * Global function for chmodding directories and files for internal use
*
* This function determines owner and group whom the file belongs to and user and group of PHP and then set safest possible file permissions. * This function determines owner and group whom the file belongs to and user and group of PHP and then set safest possible file permissions.
* The function determines owner and group from common.php file and sets the same to the provided file. Permissions are mapped to the group, user always has rw(x) permission. * The function determines owner and group from common.php file and sets the same to the provided file.
* The function uses bit fields to build the permissions. * The function uses bit fields to build the permissions.
* The function sets the appropiate execute bit on directories. * The function sets the appropiate execute bit on directories.
* *
@ -475,24 +476,29 @@ function _hash_crypt_private($password, $setting, &$itoa64)
* *
* NOTE: The function uses POSIX extension and fileowner()/filegroup() functions. If any of them is disabled, this function tries to build proper permissions, by calling is_readable() and is_writable() functions. * NOTE: The function uses POSIX extension and fileowner()/filegroup() functions. If any of them is disabled, this function tries to build proper permissions, by calling is_readable() and is_writable() functions.
* *
* @param $filename The file/directory to be chmodded * @param string $filename The file/directory to be chmodded
* @param $perms Permissions to set * @param int $perms Permissions to set
* @return true on success, otherwise false
* *
* @return bool true on success, otherwise false
* @author faw, phpBB Group * @author faw, phpBB Group
*/ */
function phpbb_chmod($filename, $perms = CHMOD_READ) function phpbb_chmod($filename, $perms = CHMOD_READ)
{ {
static $_chmod_info;
// Return if the file no longer exists. // Return if the file no longer exists.
if (!file_exists($filename)) if (!file_exists($filename))
{ {
return false; return false;
} }
// Determine some common vars
if (empty($_chmod_info))
{
if (!function_exists('fileowner') || !function_exists('filegroup')) if (!function_exists('fileowner') || !function_exists('filegroup'))
{ {
$file_uid = $file_gid = false; // No need to further determine owner/group - it is unknown
$common_php_owner = $common_php_group = false; $_chmod_info['process'] = false;
} }
else else
{ {
@ -502,49 +508,71 @@ function phpbb_chmod($filename, $perms = CHMOD_READ)
$common_php_owner = fileowner($phpbb_root_path . 'common.' . $phpEx); $common_php_owner = fileowner($phpbb_root_path . 'common.' . $phpEx);
$common_php_group = filegroup($phpbb_root_path . 'common.' . $phpEx); $common_php_group = filegroup($phpbb_root_path . 'common.' . $phpEx);
$file_uid = fileowner($filename);
$file_gid = filegroup($filename);
// Try to set the owner to the same common.php has
if ($common_php_owner !== $file_uid && $common_php_owner !== false && $file_uid !== false)
{
// Will most likely not work
if (@chown($filename, $common_php_owner));
{
clearstatcache();
$file_uid = fileowner($filename);
}
}
// Try to set the group to the same common.php has
if ($common_php_group !== $file_gid && $common_php_group !== false && $file_gid !== false)
{
if (@chgrp($filename, $common_php_group));
{
clearstatcache();
$file_gid = filegroup($filename);
}
}
}
// And the owner and the groups PHP is running under. // And the owner and the groups PHP is running under.
$php_uid = (function_exists('posix_getuid')) ? @posix_getuid() : false; $php_uid = (function_exists('posix_getuid')) ? @posix_getuid() : false;
$php_gids = (function_exists('posix_getgroups')) ? @posix_getgroups() : false; $php_gids = (function_exists('posix_getgroups')) ? @posix_getgroups() : false;
// Who is PHP? // If we are unable to get owner/group, then do not try to set them by guessing
if ($file_uid === false || $file_gid === false || $php_uid === false || $php_gids === false) if (!$php_uid || empty($php_gids) || !$common_php_owner || !$common_php_group)
{ {
$php = NULL; $_chmod_info['process'] = false;
} }
else if ($file_uid == $php_uid /* && $common_php_owner !== false && $common_php_owner === $file_uid*/) else
{
$_chmod_info = array(
'process' => true,
'common_owner' => $common_php_owner,
'common_group' => $common_php_group,
'php_uid' => $php_uid,
'php_gids' => $php_gids,
);
}
}
}
if ($_chmod_info['process'])
{
// Change owner
if (@chown($filename, $_chmod_info['common_owner']))
{
clearstatcache();
$file_uid = fileowner($filename);
}
// Change group
if (@chgrp($filename, $_chmod_info['common_group']))
{
clearstatcache();
$file_gid = filegroup($filename);
}
// If the file_uid/gid now match the one from common.php we can process further, else we are not able to change something
if ($file_uid != $_chmod_info['common_owner'] || $file_gid != $_chmod_info['common_group'])
{
$_chmod_info['process'] = false;
}
}
// Still able to process?
if ($_chmod_info['process'])
{
if ($file_uid == $_chmod_info['php_uid'])
{ {
$php = 'owner'; $php = 'owner';
} }
else if (in_array($file_gid, $php_gids)) else if (in_array($file_gid, $_chmod_info['php_gids']))
{ {
$php = 'group'; $php = 'group';
} }
else else
{
// Since we are setting the everyone bit anyway, no need to do expensive operations
$_chmod_info['process'] = false;
}
}
// We are not able to determine or change something
if (!$_chmod_info['process'])
{ {
$php = 'other'; $php = 'other';
} }
@ -564,26 +592,22 @@ function phpbb_chmod($filename, $perms = CHMOD_READ)
switch ($php) switch ($php)
{ {
case null:
case 'owner': case 'owner':
/* ATTENTION: if php is owner or NULL we set it to group here. This is the most failsafe combination for the vast majority of server setups.
$result = @chmod($filename, ($owner << 6) + (0 << 3) + (0 << 0)); $result = @chmod($filename, ($owner << 6) + (0 << 3) + (0 << 0));
clearstatcache(); clearstatcache();
if (!is_null($php) || (is_readable($filename) && is_writable($filename))) if (is_readable($filename) && is_writable($filename))
{ {
break; break;
} }
*/
case 'group': case 'group':
$result = @chmod($filename, ($owner << 6) + ($perms << 3) + (0 << 0)); $result = @chmod($filename, ($owner << 6) + ($perms << 3) + (0 << 0));
clearstatcache(); clearstatcache();
if (!is_null($php) || ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || is_writable($filename)))) if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || is_writable($filename)))
{ {
break; break;
} }
@ -593,7 +617,7 @@ function phpbb_chmod($filename, $perms = CHMOD_READ)
clearstatcache(); clearstatcache();
if (!is_null($php) || ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || is_writable($filename)))) if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || is_writable($filename)))
{ {
break; break;
} }