Fix GH-11808: Live filesystem modified by tests (security)

There's a test that tries to make /etc world-writable, and asserts that
it fails. Although this test is guarded by a root user check, there are
situations where you don't need to be root to be able to do this.
This may thus have unwanted effects on your live filesystem.

The simple solution is to remove that part of the test. It doesn't
really add value anyway: we're trying to test the chmod error path, but
that exact same error path can be reached with any failure condition
that the kernel gives. For example, trying to chmod a non-existent file
will trigger the same code path.

While at it, also prefix the test path for the non-existent file such
that we don't accidentally modify the filesystem.

The chroot now has a better root-user check, that will not modify the
filesystem.

Other root-modifying mkdir tests were removed because they added no
value either.

Closes GH-13566.

Author: nielsdos

NEWS

@@ -13,6 +13,9 @@ PHP                                                                        NEWS
   . Fixed bug GH-13531 (Unable to resize SplfixedArray after being unserialized
     in PHP 8.2.15). (nielsdos)
 
+- Standard:
+  . Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
+
 - XML:
   . Fixed bug GH-13517 (Multiple test failures when building with
     --with-expat). (nielsdos)

ext/standard/tests/file/006_error.phpt

@@ -11,20 +11,9 @@ require __DIR__ . '/../skipif_root.inc';
 <?php
 echo "*** Testing error conditions for fileperms(), chmod() ***\n";
 
-/* With standard files and dirs */
-var_dump( chmod("/etc/passwd", 0777) );
-printf("%o", fileperms("/etc/passwd") );
-echo "\n";
-clearstatcache();
-
-var_dump( chmod("/etc", 0777) );
-printf("%o", fileperms("/etc") );
-echo "\n";
-clearstatcache();
-
 /* With non-existing file or dir */
-var_dump( chmod("/no/such/file/dir", 0777) );
-var_dump( fileperms("/no/such/file/dir") );
+var_dump( chmod(__DIR__ . "/no/such/file/dir", 0777) );
+var_dump( fileperms(__DIR__ . "/no/such/file/dir") );
 echo "\n";
 
 echo "\n*** Done ***\n";
@@ -34,16 +23,8 @@ echo "\n*** Done ***\n";
 
 Warning: chmod(): %s in %s on line %d
 bool(false)
-100%d44
-
-Warning: chmod(): %s in %s on line %d
-bool(false)
-40755
-
-Warning: chmod(): No such file or directory in %s on line %d
-bool(false)
 
-Warning: fileperms(): stat failed for /no/such/file/dir in %s on line %d
+Warning: fileperms(): stat failed for %s/no/such/file/dir in %s on line %d
 bool(false)
 
 

ext/standard/tests/file/chroot_001.phpt

@@ -2,14 +2,22 @@
 chroot()
 --SKIPIF--
 <?php
-chdir("/");
-if (!@mkdir("testtmpskipifdir")) {
-    die("skip for root only");
-}
-rmdir("testtmpskipifdir");
 if (!function_exists("chroot")) {
     die("skip chroot() not available");
 }
+// Skip if not being run by root (files are always readable, writeable and executable)
+$filename = @tempnam(__DIR__, 'root_check_');
+if (!file_exists($filename)) {
+    die('WARN Unable to create the "root check" file');
+}
+
+$isRoot = fileowner($filename) == 0;
+
+unlink($filename);
+
+if (!$isRoot) {
+    die('SKIP Must be run as root');
+}
 ?>
 --FILE--
 <?php

ext/standard/tests/file/mkdir-004.phpt

@@ -1,24 +1,20 @@
 --TEST--
-recursive mkdir() tests
---SKIPIF--
-<?php
-chdir("/");
-if (!@mkdir("testtmpskipifdir")) {
-    die("skip for root only");
-}
-rmdir("testtmpskipifdir");
-?>
+recursive mkdir() with unclean paths
 --FILE--
 <?php
+chdir(__DIR__);
+$dirpath = "./tmp/foo//bar/logs";
+mkdir($dirpath, 0777, true);
 
-var_dump(mkdir("/testdir/subdir", 0777, true));
-var_dump(rmdir("/testdir/subdir"));
-var_dump(rmdir("/testdir"));
-
-echo "Done\n";
+if (is_dir($dirpath)) {
+    echo "Ok.\n";
+} else {
+    echo "Failed.\n";
+}
+rmdir("./tmp/foo/bar/logs");
+rmdir("./tmp/foo/bar/");
+rmdir("./tmp/foo/");
+rmdir("./tmp/");
 ?>
 --EXPECT--
-bool(true)
-bool(true)
-bool(true)
-Done
+Ok.