2

Here's a list I've started, and would like to complete. I'm looking to create a FULL list of functions that read or write from the filesystem. See below. Which ones am I missing? Thanks

readfile, fpassthru, file, file_get_contents, system, fopen, symlink, rename, copy, exec, passthru, pcntl_exec, backtick_operator, shell_exec, popen, proc_open, chmod, chown, chgrp, touch, dl, highlight_file, show_source, mkdir, rmdir, posix_mkfifo, dbase_open, dbmopen, filepro, pg_lo_import, move_uploaded_file, link

The list could be used for scanning potential performance problems (many naive developers do not realize that accessing the filesystem is too slow), locating potentially malicious code, backdoors, etc.

hakre
Alex R
  • A suggestion for version 2: many naive developers don't know the difference between file system and network and do stuff like `require('http://example.com/footer.php')`. – Álvaro González Apr 19 '11 at 14:32
  • That's just the tip of the iceberg... for instance most of the functions that load XML (e.g. in simplexml, dom, etc.) and even XSLT templates may access the filesystem. – Artefacto Apr 19 '11 at 14:55
  • And many other extensions: zip, openssl, intl (which are standard ones), plus half of the ones in PECL. You'll never put together a reliable list. – Artefacto Apr 19 '11 at 14:58

4 Answers

2

Filesystem functions list via php.net

hsz
2

This is listed in Exploitable PHP Functions. Also keep in mind that "Command Execution" functions can also be used to access the file system and are most likely a bigger problem.

> // open filesystem handler
> fopen, tmpfile, bzopen, gzopen
>
> // write to filesystem (partially in combination with reading)
> chgrp, chmod, chown, copy, file_put_contents, lchgrp, lchown, link, mkdir, move_uploaded_file, rename, rmdir, symlink, tempnam, touch, unlink
> imagepng, imagewbmp, image2wbmp, imagejpeg, imagexbm, imagegif, imagegd, imagegd2 - 2nd parameter is a path
> iptcembed, ftp_get, ftp_nb_get
>
> // read from filesystem
> file_exists, file_get_contents, file, fileatime, filectime, filegroup, fileinode, filemtime, fileowner, fileperms, filesize, filetype, glob, is_dir, is_executable, is_file, is_link, is_readable, is_uploaded_file, is_writable, is_writeable, linkinfo, lstat, parse_ini_file, pathinfo, readfile, readlink, realpath, stat
> gzfile, readgzfile, getimagesize, imagecreatefromgif, imagecreatefromjpeg, imagecreatefrompng, imagecreatefromwbmp, imagecreatefromxbm, imagecreatefromxpm
> ftp_put, ftp_nb_put
> exif_read_data, read_exif_data, exif_thumbnail, exif_imagetype
> hash_file, hash_hmac_file, hash_update_file, md5_file, sha1_file
> highlight_file, show_source, php_strip_whitespace, get_meta_tags
rook
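As an added example (not code from the question or from any of the answers), here is a small scanner that puts the lists from the question and from the answer above to the use the question describes: finding filesystem and command-execution calls in PHP source. It uses PHP's own tokenizer (token_get_all) rather than grep, so a name that only appears inside a comment or a string literal is not reported, and it also catches the three things a plain name search misses that the comments point out: the backtick operator, eval, and include/require of a URL. The function list, the sample input and the file name scan.php are assumptions made for this example; the sample source is constructed and is not real application code. Requires PHP 7.1 or later.

```php
<?php
// Added example, not code from the question or answers: token-based scanner for
// the filesystem / command-execution function names listed on this page.
// Run with: php scan.php
declare(strict_types=1);

// Names taken from the question and from the list in rook's answer (extend as needed).
const SENSITIVE_FUNCTIONS = [
    // command execution
    'system', 'exec', 'passthru', 'shell_exec', 'popen', 'proc_open', 'pcntl_exec', 'dl',
    // open / write
    'fopen', 'tmpfile', 'bzopen', 'gzopen', 'file_put_contents', 'copy', 'rename', 'unlink',
    'mkdir', 'rmdir', 'touch', 'chmod', 'chown', 'chgrp', 'lchown', 'lchgrp', 'link', 'symlink',
    'tempnam', 'move_uploaded_file', 'posix_mkfifo',
    // read
    'readfile', 'fpassthru', 'file', 'file_get_contents', 'parse_ini_file', 'highlight_file',
    'show_source', 'php_strip_whitespace', 'glob', 'gzfile', 'readgzfile', 'md5_file',
    'sha1_file', 'hash_file',
];

// Index of the nearest token before ($step = -1) or after ($step = 1) $i that is
// not whitespace or a comment; -1 if there is none.
function significant_index(array $tokens, int $i, int $step): int
{
    $n = count($tokens);
    for ($i += $step; $i >= 0 && $i < $n; $i += $step) {
        $t = $tokens[$i];
        if (!is_array($t) || !in_array($t[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT], true)) {
            return $i;
        }
    }
    return -1;
}

// Scan PHP source text; returns findings as ['line' => int, 'kind' => string, 'name' => string].
function scan_php_source(string $source): array
{
    $findings = [];
    $tokens   = token_get_all($source);
    $count    = count($tokens);
    $line     = 1;
    $notCall  = [T_OBJECT_OPERATOR, T_DOUBLE_COLON, T_FUNCTION];   // ->exec(), Foo::exec(), function exec()
    if (defined('T_NULLSAFE_OBJECT_OPERATOR')) {                    // PHP 8: ?->exec()
        $notCall[] = T_NULLSAFE_OBJECT_OPERATOR;
    }

    for ($i = 0; $i < $count; $i++) {
        $tok = $tokens[$i];
        // Single-character tokens are plain strings without a line number; the
        // backtick operator is one of them and is shorthand for shell_exec().
        if (!is_array($tok)) {
            if ($tok === '`') {
                $findings[] = ['line' => $line, 'kind' => 'backtick', 'name' => '`'];
                while (++$i < $count && $tokens[$i] !== '`') {}   // skip to the closing backtick
            }
            continue;
        }
        [$id, $text, $line] = $tok;

        if ($id === T_EVAL) {
            $findings[] = ['line' => $line, 'kind' => 'eval', 'name' => 'eval'];
        } elseif (in_array($id, [T_INCLUDE, T_INCLUDE_ONCE, T_REQUIRE, T_REQUIRE_ONCE], true)) {
            // require 'http://...' or require('http://...'): a literal with a stream-wrapper scheme
            $j = significant_index($tokens, $i, 1);
            if ($j >= 0 && $tokens[$j] === '(') {
                $j = significant_index($tokens, $j, 1);
            }
            $arg = $j >= 0 ? $tokens[$j] : null;
            if (is_array($arg) && $arg[0] === T_CONSTANT_ENCAPSED_STRING
                && preg_match('#^[\'"][a-z][a-z0-9+.\-]*://#i', $arg[1])) {
                $findings[] = ['line' => $line, 'kind' => 'remote_include', 'name' => $text];
            }
        } elseif ($id === T_STRING || (defined('T_NAME_FULLY_QUALIFIED') && $id === T_NAME_FULLY_QUALIFIED)) {
            $name = strtolower(ltrim($text, '\\'));   // \fopen( is the same builtin as fopen(
            if (in_array($name, SENSITIVE_FUNCTIONS, true)) {
                $p = significant_index($tokens, $i, -1);
                $n = significant_index($tokens, $i, 1);
                $isCall   = $n >= 0 && $tokens[$n] === '(';
                $excluded = $p >= 0 && is_array($tokens[$p]) && in_array($tokens[$p][0], $notCall, true);
                if ($isCall && !$excluded) {
                    $findings[] = ['line' => $line, 'kind' => 'call', 'name' => $name];
                }
            }
        }
    }
    return $findings;
}

// Constructed sample input for the demonstration (a nowdoc, so nothing is interpolated).
$sample = <<<'PHP'
<?php
// fopen("comment.txt") must not be reported: it is inside a comment
$cfg  = 'the text file_get_contents( is a string, not a call';
$data = file_get_contents($_GET['path']);   // call
$out  = `ls -la /tmp`;                      // backtick
require 'http://example.com/footer.php';    // remote include
function system_check() {}                  // declaration, not a call
$obj->exec('x');                            // method, not the builtin
eval($_POST['code']);                       // eval
\copy($src, $dst);                          // call (fully qualified)
PHP;

foreach (scan_php_source($sample) as $f) {
    printf("line %2d  %-15s %s\n", $f['line'], $f['kind'], $f['name']);
}
```

Against the constructed sample this reports the file_get_contents call on line 4, the backtick on line 5, the require of a URL on line 6, eval on line 9 and the qualified copy call on line 10, and stays silent on the comment, the string literal, the function declaration and the method call. As the comments on the question note, a name list like this is never complete (XML loaders, zip, openssl and many PECL extensions also touch the filesystem), so treat the output as a triage aid, not a proof of absence.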
1

@hsz mentioned one set of functions, but there are also:

AJ.
0

Instead of limiting PHP function usage, consider running PHP in a chroot environment to protect your filesystem.

See the Apache documentation for the ChrootDir directive.

Michał Šrajer