[wp-trac] [WordPress Trac] #13659: Incorrect permissions created by wp_mkdir_p() when safe mode is used
WordPress Trac
wp-trac at lists.automattic.com
Tue Jun 1 14:05:55 UTC 2010
#13659: Incorrect permissions created by wp_mkdir_p() when safe mode is used
--------------------------+-------------------------------------------------
Reporter: cgrenier | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Upload | Version: 2.9.2
Severity: normal | Keywords:
--------------------------+-------------------------------------------------
Comment(by cgrenier):
Replying to [comment:2 dd32]:
> > For what it's worth, I'm pretty sure wp_mkdir_p() should be deprecated
in favor of the WP_Filesystem API.
>
> Unfortunately thats impossible. (safe mode should be deprecated instead
:P, which luckely, it is)
>
> !WordPress uploads write directly to the filesystem, asking for
username/password every time would be over the top for simply uploading
files.
>
> This sounds like a PHP bug unfortunately, cgrenier, What versions of PHP
are affected by this? Calling chmod shouldnt cause all permissions to be
lost in the event that a security layer prevents it.. Shouldnt.
>
> Setting the component to Upload, due to that being where this function
is primarily used.
It's not a bug in PHP but a documented function.
Extract from http://php.net/manual/en/function.chmod.php
"When safe mode is enabled, PHP checks whether the files or directories
you are about to operate on have the same UID (owner) as the script that
is being executed. In addition, you cannot set the SUID, SGID and sticky
bits."
Why wordpress tries to reapplies the existing permission ?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/13659#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list