HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   open_basedir problem. (http://www.howtoforge.com/forums/showthread.php?t=26861)

CubAfull 16th September 2008 03:10

open_basedir problem.
 
ok
were i can change the value for open_basedir to no value

I try to modify my php.ini but the changes will not take effect :(

I need open_basedir no value

I always get open_basedir /var/www/web5

Im using:

Debian etch, suPHP, ISPConfig 2.2.25.

I have a script that need this configuration.

please help. :(

till 16th September 2008 16:33

Ths value can not be changed individually. The only thing you can do is to disable php for the wesbite and then configure php manually by adding directives to the apache directives field without using the suphp wrapper script from ispconfig. Please be aware that it is security risk to run scripts without the open_basedir restriction.

CubAfull 16th September 2008 17:22

thank you till, im the only user in the server.....is for my own domains

this is the correct script to change this value?
/home/admispconfig/ispconfig/tools/suphp/usr/bin/php-wrapper

i need to change this

Code:

exec php-cgi -d open_basedir=${BASEDIR} -d upload_tmp_dir=${TMPDIR} -d session.save_path=${SESSDIR} -d safe_mode=${SAFE_MODE}
to

Code:

exec php-cgi -d upload_tmp_dir=${TMPDIR} -d session.save_path=${SESSDIR} -d safe_mode=${SAFE_MODE}

is correct ?? or.... which is the correct way?

till 16th September 2008 17:28

Quote:

is correct ?? or.... which is the correct way?
Yes.

If you are the only user, then its fine to change it globally. You should just be aware that if you run sites on the internet and one gets hacked, this might affect the whole server then.

CubAfull 16th September 2008 17:48

Quote:

Originally Posted by till (Post 145339)
If you are the only user, then its fine to change it globally. You should just be aware that if you run sites on the internet and one gets hacked, this might affect the whole server then.

Upss....is really dangerous :(

one more thing (only to learn)
in CPanel you can turn the open_basedir on or off.....
in this case is a security risk to ?.....


thank you till for your prompt response.

till 16th September 2008 17:58

Quote:

in this case is a security risk to ?.....
Yes. This does not depend on the controlpanel. If OpenBasedir is off, a PHP script may access the whole server. For example:

$lines = file('/etc/passwd');
print_r($lines);

would output you a list of all users that are on the server, if openbasedir is not enabled as the passwd file is world readable.

CubAfull 16th September 2008 18:26

Quote:

Originally Posted by till (Post 145345)
Yes. This does not depend on the controlpanel. If OpenBasedir is off, a PHP script may access the whole server.

:eek: thank till...this realy help me alot, no more questions.

thank for your time and work.


All times are GMT +2. The time now is 04:23.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.