[wp-trac] [WordPress Trac] #37978: Warning: posix_getpwuid() has been disabled for security reasons

Mon Sep 12 16:53:00 UTC 2016

#37978: Warning: posix_getpwuid() has been disabled for security reasons
----------------------------+------------------------------
 Reporter:  AndyDeGroo      |       Owner:
     Type:  defect (bug)    |      Status:  new
 Priority:  normal          |   Milestone:  Awaiting Review
Component:  Filesystem API  |     Version:  4.6.1
 Severity:  normal          |  Resolution:
 Keywords:                  |     Focuses:
----------------------------+------------------------------

Comment (by AndyDeGroo):

 Replying to [comment:4 dd32]:
 > I'm not against a `wp_function_exists()` which wraps all that logic up..
 as much as I hate having to.. something like..
 > {{{
 > function wp_function_exists( $func ) {
 >     static $disabled_funcs;
 >     if ( ! function_exists( $func ) ) {
 >         return false;
 >     }
 >     return $func NOT in statically-cached ini_get( 'disable_functions'
 );
 > }
 > }}}

 Caching the result makes sense because the code might be called repeatedly
 in during an update.

 I see 4806 repeated error messages in PHP error log after updating
 Jetpack, all within 8 seconds.
 There are 1021 files in Jetpack 4.3.1, which correlates with the number of
 error messages, if update process calls `WP_Filesystem_Direct::owner()` 4
 times for each file and twice for a directory.

 However, I can't understand why `function_exists('posix_getpwuid')`
 returns `true` in `class-wp-filesystem-direct.php` but `false` in my test.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/37978#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform