Bug #16521
closed
Several issues with Safe Mode On and testing for files using is_file()
0%
Description
Due to the way is_file() works it will always return false if the file is not owned by the user running the php script. This means in essense that if the file isnt owned by webserver user is_file() will always return false when testing for it..
Thus far I have found two issues regarding this;
First default_config.php is unable to detect localconf.php even if it is sitting there and is read and writeable by the webserver.
Second in the install script testing for ImageMagick executables always fails even if they are available. This can be worked around by setting the path manually in the all configurastion page and enabling IM.
My suggestion is that Typo3 considers a different testing mechanism when running under safemode, like actually executing the file in question or something similar. Perhaps reading a few bytes from the beginning of the file if that can be done. This is ofcourse more expensive in terms of cpu cycles, but makes typo3 alot more safemode friendly.
I believe this bug/flaw/limitation is valid in the latest release as of today.
(issue imported from #M4142)
Updated by Chris topher almost 14 years ago
This is still an issue in current trunk (as of TYPO3 4.4beta3).
E.g. in sysext/install/mod/class.tx_install.php -> checkImageMagick()
the following line might return the wrong value:
file_exists($v) && @is_file($v.$filename.$isExt)
Updated by Wouter Wolters about 11 years ago
- Status changed from New to Resolved
- Target version deleted (
0)
In INSTALL.txt is the following line
Safe mode is not supported, thus it must not be activated
We do not support safemode since some versions.
Updated by