uploading fails with safe_mode turned
|Reported by:||BjornW||Owned by:|
When using Wordpress with the following php.ini settings:
safe_mode On On
safe_mode_exec_dir no value no value
safe_mode_gid On On
safe_mode_include_dir no value no value
open_basedir no value no value
It will result in a failed upload:
Warning: move_uploaded_file(): SAFE MODE Restriction in effect. The script whose uid/gid is 2102/2052 is not allowed to access /filename owned by uid/gid 33/33
I am not sure if and what Wordpress developers can do to counter this. Off course we can ask sysadmins to change the safe_mode directive or its options, but this is in my view a less than ideal solution.
When searching for a better solution I came across this post at the php.net site:
4000 (the setuid bit). Executable files with this bit set will run with effective uid set to the uid of the file owner. Directories with this bit set will force all files and sub-directories created in them to be owned by the directory owner and not by the uid of the creating process, if the underlying file system supports this feature: see chmod(2) and the suiddir option to mount(8).
There seems to have been some earlier report about this, but the corresponding ticket #2150 was closed? Maybe this issue has been re-introduced?