Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork9.7k
[Process] Decouple Process::findExecutable() from open_basedir#54151
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
Luc45 commentedMar 4, 2024
This PR has a failing test because we only run SIGCHILD tests on PHP 7.2. I wonder if this is specific to 7.2, or if we would see the same failures if we ran it on PHP 8+, too...? |
derrabus commentedMar 5, 2024
#47422 was merged as a feature into 6.4 which was still under development at that time. If you want us to reclassify this change as a bugfix, I think you need to elaborate on that. Otherwise, this PR will be closed soon because we don't backport features to LTS branches. |
Luc45 commentedMar 5, 2024
Got it. I believe this is a bug. $finder =new \Symfony\Component\Process\ExecutableFinder();$finder->find('docker');// /usr/bin/dockerexec('which docker')// /user/bin/dockerini_set('open_basedir','/tmp/foo');$finder->find('docker');// nullexec('which docker')// /user/bin/docker |
Luc45 commentedMar 5, 2024
Actually, this behavior is present on Process ^5, ^6, and ^7. PR#47422 doesn't solve it as I expected. Test file: <?phprequire__DIR__ .'/vendor/autoload.php';$finder =new \Symfony\Component\Process\ExecutableFinder();var_dump($finder->find('docker'));var_dump(exec('which docker'));ini_set('open_basedir','/tmp/foo');var_dump($finder->find('docker'));var_dump(exec('which docker')); |
Luc45 commentedMar 5, 2024 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
It seems that <?phprequire__DIR__ .'/vendor/autoload.php';$finder =new \Symfony\Component\Process\ExecutableFinder();$finder->find('docker');// /usr/bin/dockerexec('which docker');// /user/bin/dockeris_executable('/usr/bin/docker');// trueexec('/usr/bin/docker --version');// Docker version 25.0.2, build 29cf629222ini_set('open_basedir','/tmp/foo');$finder->find('docker');// nullexec('which docker');// /user/bin/dockeris_executable('/usr/bin/docker');// falseexec('/usr/bin/docker --version');// Docker version 25.0.2, build 29cf629222
|
Luc45 commentedMar 6, 2024 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
Actually, it's not that <?phprequire__DIR__ .'/vendor/autoload.php';$finder =new \Symfony\Component\Process\ExecutableFinder();exec('mkdir -p /tmp/bar && rm -rf /tmp/bar/*.test');touch('/tmp/bar/no-basedir-touch.test');// Created.exec('touch /tmp/bar/no-basedir-exec.test');// Created.ini_set('open_basedir','/tmp/foo');touch('/tmp/bar/touch-basedir.test');// Not created.exec('touch /tmp/bar/touch-basedir-exec.test');// Created. Result: So the bug, after all, is using |
nicolas-grekas commentedMar 13, 2024
Works for me as a bugfix. |
nicolas-grekas commentedMar 13, 2024
But indeed the tests need to be taken care of! |
Luc45 commentedMar 13, 2024
This PR doesn't fix it, this is still present in Symfony ^7 |
Luc45 commentedMar 13, 2024
Initially, I thought that the upstream PR would fix it, but it doesn't. We can either consider it a "feature" not a "bug", or we can fix it. I just wonder if there are any security concerns on fixing this. |
Luc45 commentedMar 13, 2024
I'll close this PR and open a bug report |
This PR ports the PR#47422 to Symfony Process 5.4