Incorrect permissions created by wp_mkdir_p() when safe mode is used
|Reported by:||cgrenier||Owned by:|
When safe mode and sgid directories are used, the function wp_mkdir_p() frim wp-includes/functions.php will failed to create to create a directory with correct permissions.
How to test the problem on wp_mkdir_p() function:
- Create a directory, set the permission to 02777
- Put the file named poc.php in this directory
- safe_mode is on, safe_mode_gid is on
- php (apache) is run by a user other than the file owner
- call the poc.php script via an url
Sub-directory /1/2/3/4/ hasn't been created due to safe mode restriction.
Any file or directory created in a sgid directory inherits the group owner. When safe mode is used, chmod() cannot set the SUID, SGID and sticky bits and the chmod() calls will remove the expected permission.
There is a least two possibilities:
- Don't call chmod at all (Need to check if non Unix system, Windows, is affected).
- Don't call chmod if safe_mode is enable and sgid permission is present
Change History (9)
- Component changed from General to Upload
- Milestone changed from Unassigned to Future Release
- Version set to 2.9.2