View Single Post
Old 16th September 2008, 18:58
till till is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,995
Thanks: 840
Thanked 5,648 Times in 4,458 Posts

in this case is a security risk to ?.....
Yes. This does not depend on the controlpanel. If OpenBasedir is off, a PHP script may access the whole server. For example:

$lines = file('/etc/passwd');

would output you a list of all users that are on the server, if openbasedir is not enabled as the passwd file is world readable.
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from
Reply With Quote