#2
16th December 2011, 20:07
cbj4074

The PHP documentation is misleading. Apparently, the statement

Quote:
As an Apache module, open_basedir paths from parent directories are now automatically inherited.

means that if the open_basedir directive is defined as such

Code:
<Directory /var/www/example.com>
php_value open_basedir "/tmp:/var/www/example.com/web"
</Directory>

then a script in /var/www/example.com/web will have access to /tmp. It does NOT mean that more specific open_basedir values may be defined for child directories to create a "cascading" or "stacking" effect.

So, adding to the above directive something like

Code:
<Directory /var/www/example.com/web/modules>
php_value open_basedir "/var/www/example.com/protected/includes"
</Directory>

will NOT make the effective open_basedir for /var/www/example.com/web/modules

"/tmp:/var/www/example.com/web:/var/www/example.com/protected/includes"


but rather so doing will OVERWRITE the parent directory's open_basedir definition and make the effective open_basedir

"/var/www/example.com/protected/includes"


It seems prudent to open a bug report for the PHP documentation and request that this statement be clarified.
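An added example, not part of the original post: a small Python audit that applies the override behaviour described in this post to a configuration and reports which parent open_basedir paths a child block silently drops. It assumes literal `<Directory>` paths only (no wildcards, `<DirectoryMatch>` or .htaccess files); the sample configuration is constructed from the post's two blocks and all function names are hypothetical.

```python
import re

# Constructed sample mirroring the two <Directory> blocks in the post.
SAMPLE_CONF = '''
<Directory /var/www/example.com>
php_value open_basedir "/tmp:/var/www/example.com/web"
</Directory>
<Directory /var/www/example.com/web/modules>
php_value open_basedir "/var/www/example.com/protected/includes"
</Directory>
'''

BLOCK_RE = re.compile(r'<Directory\s+"?([^">]+?)"?\s*>(.*?)</Directory>', re.S | re.I)
VALUE_RE = re.compile(r'^\s*php_(?:admin_)?value\s+open_basedir\s+"?([^"\n]+?)"?\s*$', re.M | re.I)

def parse_open_basedir(conf):
    """Return {directory: [paths]} for each literal <Directory> block that sets open_basedir."""
    result = {}
    for directory, body in BLOCK_RE.findall(conf):
        m = VALUE_RE.search(body)
        if m:
            result[directory.rstrip('/')] = m.group(1).split(':')
    return result

def is_under(path, directory):
    return path == directory or path.startswith(directory + '/')

def effective_open_basedir(settings, script_dir):
    """Most specific matching block wins outright; nothing is merged from parents."""
    matches = [d for d in settings if is_under(script_dir, d)]
    return settings[max(matches, key=len)] if matches else None

def dropped_by_children(settings):
    """For each child block, list the nearest parent's paths that are lost under it."""
    findings = {}
    for child, child_paths in settings.items():
        parents = [d for d in settings if d != child and is_under(child, d)]
        if not parents:
            continue
        nearest = max(parents, key=len)
        lost = [p for p in settings[nearest] if p not in child_paths]
        if lost:
            findings[child] = lost
    return findings
```

If a child block is meant to extend the parent's list, every parent path has to be repeated in the child's own open_basedir value.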