[wp-trac] [WordPress Trac] #10205: getmyuid() called instead of
posix_getuid() in get_filesystem_method()
(wp-admin/includes/file.php)
WordPress Trac
wp-trac at lists.automattic.com
Thu Jun 18 09:53:55 GMT 2009
#10205: getmyuid() called instead of posix_getuid() in get_filesystem_method() (wp-
admin/includes/file.php)
----------------------------+-----------------------------------------------
Reporter: pgl | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Unassigned
Component: Administration | Version: 2.8
Severity: normal | Keywords: uid, filesystem method, file.php, posix_getuid, getmyuid, direct, install, upgrade
----------------------------+-----------------------------------------------
In wp-admin/includes/file.php, the function get_filesystem_method()
attempts to figure out whether it is able to write files correctly, and
therefore whether it can update or install files directly, or needs to use
some other method.
As part of the function, in a particular case it writes a temporary file
and compares it to the return value of getmyuid(). I think this is a
mistake - the return value of getmyuid() is the owner of the current
_file_ that's being run, not the current process - so if the file is owned
by a user other than that of the web server's UID, it thinks it can't
install directly (even if it actually can, because the directories are
group writable).
This can be worked around by simply changing the owner of the file to
another user, although this isn't always going to be possible for the
person running Wordpress.
To fix this, change the function call to check the return value of
posix_getuid() instead of getmyuid(). (NB: this function isn't available
on Windows.)
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10205>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list