correct fix for access control for save_path and .htaccess

diff --git a/ext/session/mod_files.c b/ext/session/mod_files.c
index cd5bda22045fd661c484f0518dbc66de003c2a59..722e389177814527299167b5f7ccbbfedfb8bb57 100644 (file)
--- a/ext/session/mod_files.c
+++ b/ext/session/mod_files.c
@@ -294,14 +294,6 @@ PS_OPEN_FUNC(files)
        }
        save_path = argv[argc - 1];
 
-       if (PG(safe_mode) && (!php_checkuid(save_path, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
-               return FAILURE;
-       }
-
-       if (PG(open_basedir) && php_check_open_basedir(save_path TSRMLS_CC)) {
-               return FAILURE;
-       }
-
        data = emalloc(sizeof(*data));
        memset(data, 0, sizeof(*data));
        

diff --git a/ext/session/session.c b/ext/session/session.c
index 3dfda00d6f263657816d706ee64374f1b02c972f..7b2e03115cfc857a30a40d5cd8e18d9c4c9bd336 100644 (file)
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -151,7 +151,7 @@ static PHP_INI_MH(OnUpdateSerializer)
 static PHP_INI_MH(OnUpdateSaveDir)
 {
        /* Only do the safemode/open_basedir check at runtime */
-       if (stage == PHP_INI_STAGE_RUNTIME) {
+       if (stage == PHP_INI_STAGE_RUNTIME || stage == PHP_INI_STAGE_HTACCESS) {
                char *p;
 
                if (memchr(new_value, '\0', new_value_length) != NULL) {
@@ -168,7 +168,7 @@ static PHP_INI_MH(OnUpdateSaveDir)
                        return FAILURE;
                }
 
-               if (php_check_open_basedir(p TSRMLS_CC)) {
+               if (PG(open_basedir) && php_check_open_basedir(p TSRMLS_CC)) {
                        return FAILURE;
                }
        }