View Single Post
Old 14th December 2011, 19:41
cbj4074 cbj4074 is offline
Senior Member
Join Date: Nov 2010
Posts: 395
Thanks: 30
Thanked 58 Times in 50 Posts
Default open_basedir paths from parent directories seem not to be inherited automatically

I'm running Apache/2.2.14 (Ubuntu) and PHP 5.3.2-1ubuntu4.10.

I would like to define open_basedir rules in /etc/apache2/httpd.conf that apply to all vhosts, but also define additional directories on a per-vhost basis (via the ISPConfig interface).

The problem I'm having is that open_basedir inheritance does not seem to behave as described in the PHP manual. From the manual ( ):

As an Apache module, open_basedir paths from parent directories are now automatically inherited.
I have not found this to be the case.

In /etc/apache2/httpd.conf I have:

<Directory /var/www/>
AllowOverride All
Order allow,deny
Allow from all
php_admin_value open_basedir "/dev/urandom:/usr/share/php"
And in the "Apache Directives" box for the vhost in question, I have:

<Directory /var/www/>
php_admin_value open_basedir "/var/www/"
Yet, when I view the output from phpinfo() from within a script at /var/www/, the directories listed for open_basdir are:

So, the open_basedir directories that are defined in /etc/apache2/httpd.conf are not being inherited, but rather, they are being overwritten.

This is the behavior that I have observed and documented:

Firstly, directives prepended with "php_admin_*" cannot be modified with subsequent definitions (even if they contain the php_admin_* prefix); they are final. Similarly, directives defined with php_admin_* will OVERWRITE any previous directives (even if they contain the php_admin_* prefix).

Further, directives defined with php_* have no effect if the equivalent php_admin_* directive has been defined (either before or after).

Finally, php_admin_* directives will overwrite their php_* equivalents.

Has anyone else encountered this issue?

Thanks in advance...
Reply With Quote
Sponsored Links