WordPress.org

Make WordPress Core

Opened 2 months ago

Last modified 3 weeks ago

#51340 new defect (bug)

Stop chmodding files and folders

Reported by: malthert Owned by:
Milestone: Awaiting Review Priority: normal
Severity: major Version:
Component: Filesystem API Keywords:
Focuses: Cc:

Description

WP's filesystem handler has a chmod function, that is used e.g. when updating,...

To conform with standards, enforce proper usage of umask by the server admin as well as avoid errors when the file owner is not the same as the user running WP, WP should not be chmodding files whatsoever.

Linux, for obvious security reasons, only allows chmod for the owner of the file (independent of permissions, except root).
Thus, it makes sense to have the WP files owned by user A, but run php(-fpm) by user B.

When WP now tries to chmod, which it shouldnt, as we have established that may cause a security issue, it will obviously create a PHP error.

Change History (3)

This ticket was mentioned in Slack in #core by helen. View the logs.


3 weeks ago

#2 @helen
3 weeks ago

  • Version trunk deleted

I am clearing the version here as I don't think it's new to trunk (5.6 beta), please feel free to change back and comment with more info if it is new so it can be investigated appropriately.

#3 @p00ya
3 weeks ago

I'll add another use case for when chmod is bad: some plugins support uploading to cloud storage (instead of filesystem wp-content/uploads) via stream wrappers. Stream wrappers don't necessarily support chmod, see:
https://www.php.net/manual/en/streamwrapper.stream-metadata.php

While these errors aren't fatal, they do confuse users of these plugins, since they're the most visible things in the logs.

Note: See TracTickets for help on using tickets.