Summary


The function
public static function delete($file)
contains a chmod($file, 0777);
that can NOT be executed inconditionally when the $file is in fact a symbolic link.
In this case, the chmod affect the physical file and not the link.
This may result on 500 Internal Server Error when the file correspond to a link on a directory like "/administrator" and that suPHP is installed on the server.
suPHP forbid to have directories with 777.
Therefore, the chmod can only be applied when the file is not a link.
We fixed the issue by adding a test on the file type.
if ( !is_link( $file)) {
@chmod($file, 0777);
}
In attachement, we provide the file that we have fixed.
/libraries/joomla/filesystem/file.php
Tested on Joomla 2.5
Same issue in Joomla 3.0 & 1.5
Opened On:
14 Dec 2012, 5:13 by Edwin CHERONT
Closed On:
17 Aug 2014, 5:30
Status:
Closed

Filed Under

  • First
  • Platform
  • Platform Only
  • Second

Responses

Posted on 20 Dec 2012, 11:11 by Jean-Marie Simonet
One can't attach a .php file in tracker.
Please propose a patch or change the .php to .txt for someone else to make a patch

This would impact platform and therefore implies a Pull Request on github platform.
Posted on 7 Apr 2013, 16:42 by Brian Teeman
Is this still an issue? If it is please can you create a pull request or submit a patch.
Posted on 10 Apr 2013, 5:03 by Edwin CHERONT
The issue is still present in Joomla 2.5, 3.0 and now 3.0

Sorry but I don't know where in the Github, I have to go to pull a request for J2.5 another one for J3.0 and again for J3.1

I don't know if I did it correctly but I tried to do it in Github.
I have just a doubt that it will be include in J2.5, J3.0 and 3.1

In Github, this is just mentioned platform and there is no specific place for each joomla version (or I didn't saw it).

Posted on 10 Apr 2013, 5:49 by Brian Teeman
Hi Edwin

Go to https://github.com/joomla/joomla-cms
You will see on the left hand side a box called Master
If you make a pull request with that selected it will be for J3
If you click on that then a dropdown will appear where you can change from Master to J25
If you make that change and do a pull request then it will be for J25

When you have done this for both please post a link to both of the pull requests so that it can be tested etc.

Thanks in advance
Posted on 10 Apr 2013, 6:17 by Edwin CHERONT
Thank you Brian for the guide line.

I have tried to apply it and I hope that I did it correctly.

So we should have 2 pull request (One for the branch 2.5 and the other one for the master)

Edwin
Posted on 10 Apr 2013, 6:37 by Brian Teeman
You forgot the links ;)

Pull request for Joomla 3 https://github.com/joomla/joomla-cms/pull/971

Setting to pending as we have a patch
Posted on 11 Apr 2013, 16:09 by Valentin Despa
There is clearly something wrong with the pull request (it's changing around 2400+ files :P).

@Edwin please update your Joomla! fork with the branch 2.5.x
https://github.com/joomla/joomla-cms/tree/2.5.x

Then create the pull request (so that it changes only the files you changed). Thanks!

Posted on 12 Apr 2013, 1:23 by Edwin CHERONT
As I have already mentioned in the past with other bug tracker, I prefer to let the bug squad apply the changes.
Sorry but you confirm again that I am not qualified to do the changes in the Github.

I still have other bug tracker issues that are in the same state for more less 1 year. That would be good that some body in the bug squad apply the changes for me.
Here it is the link to another issue pending for the same reason
http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=28333

That would be better efficiant rather than changing 2000 files by errors that I suppose consume a lot of time to plenty of person.

That would be faster than discuss and teach me on how to perform the "pull request" correctly.

Sorry again for all the files changed by the fact that I am not able to apply the change correctly in Github.

I just hope that somebody will do it for me correctly.
Posted on 12 Apr 2013, 13:39 by Valentin Despa
Hi Edwin,

On Joomla every user helping counts (a lot!) -- so we need you too, if it's something that you want to do / learn.

I can help you create the pull request. Just let me know. I will teach you once and next times you will be a master :) What do you say?
Posted on 12 Apr 2013, 16:05 by Edwin CHERONT
That would be welcome.
I just need a clear procedure (step by step) on how to post a bug and attach a file with that file updated.
After that if somebody can get my post and review it to apply in the appropriate joomla version that would be great.

Till now, each time that I try to pull a request, this is a failure and the issue that I report are very sensitive on the core.
So this must be performed correctly.
I am working at a very low level in the joomla kernel and when I report something, this is because I consider it as a real bug.

Sometime, I don't report due to incompatibilities with previous version or incompatibilities with PHP. I just consisder this is "like that".

But my pending bug trackers are sensitive and concern few person but are critical. So I consider that they should be applied in the core but I am not able to do it.

So a clear procedure on the method to perform the post is very welcome.
This would help me more contributive in the post on sensitive low level parts.
As my contribution is at very low level, I am scare to update anything with the consequence to have 2000 files or more updated. For the moment, I am in the situation where I prefer - don't touch and let other people apply the changes.

Thank you for your help.
Posted on 22 Apr 2013, 9:12 by Valentin Despa
Hi Edwin,

Sorry for the delay. Here are a few basic steps you need to know about:

1. Posting bugs is clear, here is the process for dealing with bugs (just for your info),

http://docs.joomla.org/Filing_bugs_and_issues
http://docs.joomla.org/Bug_Tracking_Process

2. Delete any Joomla fork on github. Fork it again (just to make sure you got the latest version).

3. Checkout the version locally on your PC, select the 2.5.x branch, make the change to fix the bug. Commit the change. Make a pull request from github to Joomla.

4. Your pull rq will have a number. Add .diff after the link and you will get the patch. Post the patch here.

Here are some links:

http://docs.joomla.org/Git_for_Coders
http://docs.joomla.org/Git_for_Testers_and_Trackers

If you need further help, email me at infoATvdespaDOTde.

Thanks!
Posted on 22 Apr 2013, 9:51 by Edwin CHERONT
I have sent you an email.
The first doc make reference on how to report a bug into the "bug tracker" that I did here.

The second set of link present Github with Eclipse. Sorry but I don't use Eclipse for the developement. So this does not help me.
When I tried to "pull a request", I directly use the browser and the Github editor to write the change.
Posted on 22 Apr 2013, 16:26 by Brian Teeman
Edwin I made the same mistake myself.

Using the web interface of github you need to follow the following to create a PR against he 2.5 tree

1. near the top left click to the right of Master to reveal the drop down and select 2.5
2. find the file you wish to edit and save.
3. you will then be prompted to submit the pull request BUT github reverts to selecting the Master branch (hence your problem - so you need to once again make sure that you have changed to the 2.5 branch

If I can work out how to od it then I'm sure someone with your development skills is more than capable
Posted on 29 Apr 2013, 13:23 by Valentin Despa
Under Windows I haven't seen any problems / errors. The lnk gets deleted, the administrator file does not get deleted.

Will test under Linux.
Posted on 29 Apr 2013, 13:55 by Valentin Despa
Tested under Linux, symlink got deleted, no errors appeared.

Also suphp latest release is from 2009, I won't say that it still maintained.

Maybe somebody else can replicate this? I don't have suPHP.
Posted on 29 Apr 2013, 14:12 by Edwin CHERONT
The link is deleted but the physical directory changed of permission.

If you had a directory with permission 755, after the delete, the physical location of the directory become 777 that is false and cause the "Internal Server Error" on environment with suPHP installed.

So you can not perform the chmod when you detect this is a link.
This affect the physical (target) directory where the link is pointing.
Posted on 7 May 2013, 2:18 by Valentin Despa
I've made a PR, please test:

https://github.com/joomla/joomla-cms/pull/1111.diff

Where is your tracker id from J3.x and the PR please?
Posted on 7 May 2013, 7:52 by Edwin CHERONT
Dear Valentin, this is working perfectly.
Thank you very much.

Here it is the test PHP code that I have added at the end of the "index.php" present in the root.

// Return the response.
echo $app;

// --- Test code start here ----
$dir = dirname( __FILE__).'/test';
mkdir( $dir);
$link = dirname( __FILE__).'/tst_link';
symlink( $dir, $link);
JFile::delete( $link);

When the fix is NOT present, the "test" directory create result with a permission "777"

When the fix is PRESENT, the result is "755"

Concerning your other question relative to J3.x

As I have mentioned in the first post in the bugtracker, this affect all Joomla.

I didn't created a duplicate bugtracker for each joomla version.
I have just post one for 2.5 and expect that this will be propagated to all the version of Joomla.
Posted on 1 Jun 2013, 17:20 by Ofer Cohen
@test
Works fine.
Posted on 17 Aug 2014, 5:30 by Valentin Despa

Closed in favor of #3449. If this is still an issue, please create a new issue. Thanks all!