Fix phpGH-11808: Live filesystem modified by tests (security)

There's a test that tries to make /etc world-writable, and asserts that it fails. Although this test is guarded by a root user check, there are situations where you don't need to be root to be able to do this. This may thus have unwanted effects on your live filesystem. The simple solution is to remove that part of the test. It doesn't really add value anyway: we're trying to test the chmod error path, but that exact same error path can be reached with any failure condition that the kernel gives. For example, trying to chmod a non-existent file will trigger the same code path. While at it, also prefix the test path for the non-existent file such that we don't accidentally modify the filesystem. The chroot now has a better root-user check, that will not modify the filesystem. Other root-modifying mkdir tests were removed because they added no value either. Closes phpGH-13566.

Author: ndossche

NEWS

@@ -13,6 +13,9 @@ PHP NEWS
  . Fixed bug GH-13531 (Unable to resize SplfixedArray after being unserialized
  in PHP 8.2.15). (nielsdos)
 
+- Standard:
+ . Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
+
 - XML:
  . Fixed bug GH-13517 (Multiple test failures when building with
  --with-expat). (nielsdos)

ext/standard/tests/file/006_error.phpt

@@ -11,20 +11,9 @@ require __DIR__ . '/../skipif_root.inc';
 <?php
 echo "*** Testing error conditions for fileperms(), chmod() ***\n";
 
-/* With standard files and dirs */
-var_dump( chmod("/etc/passwd", 0777) );
-printf("%o", fileperms("/etc/passwd") );
-echo "\n";
-clearstatcache();
-
-var_dump( chmod("/etc", 0777) );
-printf("%o", fileperms("/etc") );
-echo "\n";
-clearstatcache();
-
 /* With non-existing file or dir */
-var_dump( chmod("/no/such/file/dir", 0777) );
-var_dump( fileperms("/no/such/file/dir") );
+var_dump( chmod(__DIR__ . "/no/such/file/dir", 0777) );
+var_dump( fileperms(__DIR__ . "/no/such/file/dir") );
 echo "\n";
 
 echo "\n*** Done ***\n";
@@ -34,16 +23,8 @@ echo "\n*** Done ***\n";
 
 Warning: chmod(): %s in %s on line %d
 bool(false)
-100%d44
-
-Warning: chmod(): %s in %s on line %d
-bool(false)
-40755
-
-Warning: chmod(): No such file or directory in %s on line %d
-bool(false)
 
-Warning: fileperms(): stat failed for /no/such/file/dir in %s on line %d
+Warning: fileperms(): stat failed for %s/no/such/file/dir in %s on line %d
 bool(false)
 
 

ext/standard/tests/file/chroot_001.phpt

@@ -2,14 +2,22 @@
 chroot()
 --SKIPIF--
 <?php
-chdir("/");
-if (!@mkdir("testtmpskipifdir")) {
- die("skip for root only");
-}
-rmdir("testtmpskipifdir");
 if (!function_exists("chroot")) {
  die("skip chroot() not available");
 }
+// Skip if not being run by root (files are always readable, writeable and executable)
+$filename = @tempnam(__DIR__, 'root_check_');
+if (!file_exists($filename)) {
+ die('WARN Unable to create the "root check" file');
+}
+
+$isRoot = fileowner($filename) == 0;
+
+unlink($filename);
+
+if (!$isRoot) {
+ die('SKIP Must be run as root');
+}
 ?>
 --FILE--
 <?php

ext/standard/tests/file/mkdir-004.phpt

@@ -1,24 +1,20 @@
 --TEST--
-recursive mkdir() tests
---SKIPIF--
-<?php
-chdir("/");
-if (!@mkdir("testtmpskipifdir")) {
- die("skip for root only");
-}
-rmdir("testtmpskipifdir");
-?>
+recursive mkdir() with unclean paths
 --FILE--
 <?php
+chdir(__DIR__);
+$dirpath = "./tmp/foo//bar/logs";
+mkdir($dirpath, 0777, true);
 
-var_dump(mkdir("/testdir/subdir", 0777, true));
-var_dump(rmdir("/testdir/subdir"));
-var_dump(rmdir("/testdir"));
-
-echo "Done\n";
+if (is_dir($dirpath)) {
+ echo "Ok.\n";
+} else {
+ echo "Failed.\n";
+}
+rmdir("./tmp/foo/bar/logs");
+rmdir("./tmp/foo/bar/");
+rmdir("./tmp/foo/");
+rmdir("./tmp/");
 ?>
 --EXPECT--
-bool(true)
-bool(true)
-bool(true)
-Done
+Ok.