Re: PHP causing high number of NFS getattr operations?

From:	Terry Ellison	Date:	Sat, 23 Feb 2013 01:02:41 +0000
Subject:	Re: PHP causing high number of NFS getattr operations?
References:	1 2	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

On 19/02/13 01:30, Kevin Yung wrote:
In our environment, we use NFS for shared storage, we are using APC as well
with stat=0. In our setting, we also experiencing high number of stat()
calls on our file system. My initial finding of this problem is we enabled
the open_basedir setting. And there is already a bug report for this,
https://bugs.php.net/bug.php?id=52312

We tested the issue in 5.2.x, 5.3.x and 5.4.x, all of them experiencing
same issue.
Kevin, I've just walked through this in 5.3 and 54 and updated this bugrep.  In short there is some silly coding here which should be addressed.  Even if we accept that PHP should comply with http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 if open_basedir is set, then the cache should only be ignored on the actual open itself, as this is the only one that is exploitable, but let's have this debate on the bugrep.  Let me think about the security and other NFRs and propose a patch.


   

Thread (33 messages)

• Brendon ColbyMon, 18 Feb 2013 20:26:13 +0000
  • Rasmus LerdorfMon, 18 Feb 2013 20:35:20 +0000
    • Brendon ColbyMon, 18 Feb 2013 21:03:26 +0000
      • Damien TournoudMon, 18 Feb 2013 21:32:29 +0000
        • Brendon ColbyMon, 18 Feb 2013 21:47:36 +0000
          • Terry EllisonTue, 19 Feb 2013 00:10:55 +0000
            • Brendon ColbyWed, 20 Feb 2013 19:26:25 +0000
    • Stas MalyshevTue, 19 Feb 2013 01:50:09 +0000
      • Rasmus LerdorfTue, 19 Feb 2013 01:55:53 +0000
        • Stas MalyshevTue, 19 Feb 2013 02:14:39 +0000
          • Rasmus LerdorfTue, 19 Feb 2013 02:32:49 +0000
            • Terry EllisonTue, 19 Feb 2013 09:36:09 +0000
              • Terry EllisonTue, 19 Feb 2013 16:06:22 +0000
                • Stas MalyshevTue, 19 Feb 2013 20:32:18 +0000
                  • Terry EllisonTue, 19 Feb 2013 23:08:34 +0000
                    • Christopher JonesWed, 20 Feb 2013 01:51:29 +0000
                    • Stas MalyshevWed, 20 Feb 2013 08:26:58 +0000
                      • Terry EllisonWed, 20 Feb 2013 15:00:07 +0000
                • Brendon ColbyWed, 20 Feb 2013 23:52:22 +0000
                  • Terry EllisonThu, 21 Feb 2013 00:26:32 +0000
            • Brendon ColbyThu, 21 Feb 2013 23:15:44 +0000
              • Rasmus LerdorfThu, 21 Feb 2013 23:38:49 +0000
                • Terry EllisonFri, 22 Feb 2013 00:41:01 +0000
                  • Rasmus LerdorfFri, 22 Feb 2013 00:57:11 +0000
                    • Terry EllisonFri, 22 Feb 2013 10:56:02 +0000
                      • Ferenc KovacsFri, 22 Feb 2013 11:20:04 +0000
                        • Terry EllisonFri, 22 Feb 2013 12:52:53 +0000
                          • Ferenc KovacsFri, 22 Feb 2013 15:06:41 +0000
              • [email protected]Thu, 21 Feb 2013 23:42:55 +0000
                • [email protected]Fri, 22 Feb 2013 00:02:39 +0000
  • Kevin YungTue, 19 Feb 2013 01:44:13 +0000
  • Kevin YungTue, 19 Feb 2013 01:30:02 +0000
    • Terry EllisonSat, 23 Feb 2013 01:02:41 +0000