View Single Post
  #1  
Old 14th December 2011, 18:41
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 368
Thanks: 25
Thanked 47 Times in 42 Posts
Default open_basedir paths from parent directories seem not to be inherited automatically

I'm running Apache/2.2.14 (Ubuntu) and PHP 5.3.2-1ubuntu4.10.

I would like to define open_basedir rules in /etc/apache2/httpd.conf that apply to all vhosts, but also define additional directories on a per-vhost basis (via the ISPConfig interface).

The problem I'm having is that open_basedir inheritance does not seem to behave as described in the PHP manual. From the manual ( http://php.net/manual/en/ini.core.php ):

Quote:
As an Apache module, open_basedir paths from parent directories are now automatically inherited.
I have not found this to be the case.

In /etc/apache2/httpd.conf I have:

Code:
<Directory /var/www/>
AllowOverride All
Order allow,deny
Allow from all
php_admin_value open_basedir "/dev/urandom:/usr/share/php"
</Directory>
And in the "Apache Directives" box for the vhost in question, I have:

Code:
<Directory /var/www/example.com>
php_admin_value open_basedir "/var/www/example.com/tmp:/var/www/example.com/web"
</Directory>
Yet, when I view the output from phpinfo() from within a script at /var/www/example.com/web/info.php, the directories listed for open_basdir are:

Code:
/var/www/dev.level8ds.com/tmp:/var/www/dev.level8ds.com/web
So, the open_basedir directories that are defined in /etc/apache2/httpd.conf are not being inherited, but rather, they are being overwritten.

This is the behavior that I have observed and documented:

Firstly, directives prepended with "php_admin_*" cannot be modified with subsequent definitions (even if they contain the php_admin_* prefix); they are final. Similarly, directives defined with php_admin_* will OVERWRITE any previous directives (even if they contain the php_admin_* prefix).

Further, directives defined with php_* have no effect if the equivalent php_admin_* directive has been defined (either before or after).

Finally, php_admin_* directives will overwrite their php_* equivalents.


Has anyone else encountered this issue?

Thanks in advance...
Reply With Quote
Sponsored Links