469,602 Members | 1,818 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,602 developers. It's quick & easy.

Custom file:// scheme stream wrapper and chdir() behavior

Hi everyone,

I've written a file:// scheme stream wrapper that acts like chroot()
(but is more flexible, does not require root privileges and works on any
platform). Everything works just fine except that chdir() still stat()s
through the native PHP filesystem handler. This means that it is not
possible to chdir() to a "jailed" directory, except if by chance its
path also exists in the real local filesystem.

Imagine my file:// wrapper is set up to jail the script to
'/srv/www/localhost/my-app/root':
chdir('/etc');
Works because '/etc' is present in the real local filesystem.

fopen('file.dat');
Is OK and actually opens up
'/srv/www/localhost/my-app/root/etc/file.dat' seamlessly.

BUT

chdir('/test');
Throws a warning and is ignored because '/test' does not exist in the
local filesystem even if '/srv/www/localhost/my-app/root/test' directory
exists.

Using chdir('/srv/www/localhost/my-app/root') does not help because even
if my custom wrapper is aware of that fixed prefix on all paths, getwd()
returns the jailed path and other stuffs like DOMDocument::load() get
broken when using relative paths.

The trick for now is to chdir('/'); as it is always valid in the jailed
AND local filesystems (on Unix systems at least).

Don't you think that chdir() should use the url_stat() function provided
by the registered file:// scheme stream wrapper class when possible (it
may be omitted on wrappers; in those cases PHP should continue using its
native stat() system). As far as I looked into this I think there is
something not consistent there. fopen() and many many other functions DO
use our custom wrappers but not something as basic as chdir() and getcwd().

Thank you!

Julien.
Jun 25 '07 #1
0 1436

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

699 posts views Thread by mike420 | last post: by
9 posts views Thread by Fred Ma | last post: by
11 posts views Thread by Patrick Van Esch | last post: by
9 posts views Thread by Julien Biezemans | last post: by
17 posts views Thread by Peter Duniho | last post: by
AdrianH
1 post views Thread by AdrianH | last post: by
3 posts views Thread by =?Utf-8?B?d2Vic211cmY=?= | last post: by
reply views Thread by guiromero | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.