String::_source open_basedir pre-check for urandom #1212
Requires open_basedir to be unset in order to use /dev/urandom. Prevents "is_readable(): open_basedir restriction in effect. File(/dev/urandom) is not within the allowed path(s)" error. This is the proper way to handle this case instead of silencing is_readable.
As we generally need tests for changes: do you think it's possible to create one for this case? I currently cannot imagine how, as we'd need to mock open base dir. Might as well create a test that skips if open base dir is not in effect?
@DavidPersson What I know is that before I made the change, I got a nasty PHP warning and the random string generator was broken, and now it's working. As you said, not possible to do a test case. You'll have to use your discretion here, this is a special case.
I absolutely believe this is an issue. As a compromise would you add a test that skips if open base dir is not in effect and sets expectations on generated errors?
lithium/tests/cases/storage/SessionTest.php Line 264 in 51aaf1d
Thanks!
Have you guys ever heard that story about a hammer factory...
Then I'd vote for creating the conditionally run test (I've mentioned earlier), but don't create a new travis build. The decision if we may always want to run under the open_basedir restriction (kind of leads up to there), is one I don't want to make now.
To be clear, I just edit the String test file and add a function to test this case, and then make a pull request?
Yes and run You can amend this PR with the test. Just push the changes into the same PR branch.
Done.
I gave this issue a little bit more thought. Sorry for doing this a bit late - but better late than never ;)
This would also be the strategy to resolve the problem, if you control the setting. For other environments I suggest we add other sources of randomness before urandom is selected. This would target
Checking for open_basedir isn't an option as path checking would get too complex. For the time being I've added a note that shows how to work around the issue. Mid-term, I'm thinking about adding more sources for randomness, or making Random adaptable.
Refs #1216
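One way to order the random sources discussed in this thread, as an added example that is not code from the PR or from lithium: `secureRandomBytes()` is a hypothetical helper that tries sources needing no userland file access first, reads `/dev/urandom` only when `open_basedir` is unset (the pre-check the PR describes), and fails closed otherwise. It assumes PHP 7+ for `random_bytes()` and falls through to the other sources when that function is absent.

```php
<?php
/**
 * Added example: hypothetical helper, not lithium's String::_source().
 * Selects a random-byte source without triggering the open_basedir warning.
 */
function secureRandomBytes(int $length): string
{
    if ($length < 1) {
        throw new InvalidArgumentException('Length must be at least 1.');
    }
    // Built-in CSPRNG (PHP 7+); no userland file access is involved.
    if (function_exists('random_bytes')) {
        return random_bytes($length);
    }
    // OpenSSL source: accept the result only when it is flagged as strong.
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes($length, $strong);
        if ($bytes !== false && $strong === true) {
            return $bytes;
        }
    }
    // /dev/urandom last, and only when open_basedir is unset: with a
    // restriction in effect, is_readable() itself raises the warning.
    if ((string) ini_get('open_basedir') === '' && is_readable('/dev/urandom')) {
        $handle = fopen('/dev/urandom', 'rb');
        if ($handle !== false) {
            // Unbuffered read, so PHP does not pull a full buffer from the device.
            stream_set_read_buffer($handle, 0);
            $bytes = fread($handle, $length);
            fclose($handle);
            if ($bytes !== false && strlen($bytes) === $length) {
                return $bytes;
            }
        }
    }
    // Fail closed rather than fall back to mt_rand() or uniqid().
    throw new RuntimeException('No cryptographically secure random source available.');
}

// Usage: a 128-bit token, hex encoded.
$token = bin2hex(secureRandomBytes(16));
echo $token, PHP_EOL;
```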