
8th February 2006, 14:59
|
|
Junior Member
|
|
Join Date: Nov 2005
Posts: 25
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
PHP SafeMode and open_basedir
Hi,
Hope this wasn't here earlier...
Here it comes: when enabling safeMode in ISPConfig, both the safemode and the open_basedir flags are set. Well, good of course, but not very fine-grained. A real-life situation could be a PHP site using ImageMagick via system calls. This would be deferred through the safeModeFlag. Switching SafeMode off in ISPConfig helps, but then the open_basedir flag is unset too, leaving a potentially risky situation. Wouldn't it be an idea to switch those parameters independently?
|

8th February 2006, 17:15
|
|
Super Moderator
|
|
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,853
Thanks: 781
Thanked 1,558 Times in 1,477 Posts
|
|
Do you have a detailed example where you would need this?
|

8th February 2006, 17:36
|
|
Junior Member
|
|
Join Date: Nov 2005
Posts: 25
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Quote:
|
using ImageMagick via systemcalls.
|
I've clients where ImageMagick is used for image handling (better than gd), which is called from PHP with the system call. With safemode all system calls are disabled. This could be tuned by the execdir flag, but I don't know if this would be very compatible with all the different Linuxes.
The open_basedir flag operates on its own, so using this security feature does not rely on safemode. In my view the open_basedir should always be set on a shared server. If the safemode would be operated separately in ISPConfig, one could allow system calls (safemode off) but still limit the scope of PHP to the open_basedir settings. See also the numerous posts on CMS and other software packages where the safemode has to be set off. In most of them, even with safe mode off, there could be extra security with the basedir setting in effect.
Now ISPConfig toggles both at the same time, so you get safemode with open_basedir or no safemode with no open_basedir.
Hope that's enough to make my case?
|

8th February 2006, 23:44
|
|
Super Moderator
|
|
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,853
Thanks: 781
Thanked 1,558 Times in 1,477 Posts
|
|
Ok, let me check this...
|

9th February 2006, 10:35
|
|
Junior Member
|
|
Join Date: Nov 2005
Posts: 25
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Thanks!
And now I have to think up some text to fill the reply
|

19th February 2007, 12:30
|
|
Junior Member
|
|
Join Date: Feb 2007
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Quote:
|
Originally Posted by falko
Ok, let me check this...
|
I would also like open_basedir etc. to be separate from the "Safe Mode" checkbox.
An alternative way would of course be to check "Safe Mode" (to get open_basedir), and then to put "php_admin_flag safe_mode Off" into Apache Directives. This doesn't work, however, because the Apache Directives stuff gets inserted above the safe mode stuff in Vhosts_ispconfig.conf. Is there a reason for this?
|

20th February 2007, 17:51
|
|
Super Moderator
|
|
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,853
Thanks: 781
Thanked 1,558 Times in 1,477 Posts
|
|
You could modify the vhosts.conf master template in /root/ispconfig/isp/conf and move the Apache Directives placeholder below the other directives.
|

21st February 2007, 12:16
|
|
Senior Member
|
|
Join Date: Apr 2006
Location: Sydney
Posts: 236
Thanks: 0
Thanked 6 Times in 6 Posts
|
|
I suggest to just do what I do and patch /root/ispconfig/scripts/lib/config.lib.php
$php .= "\nphp_admin_flag safe_mode On
to
$php .= "\nphp_admin_flag safe_mode Off
And leave safemode On in each Vhost. Safemode will be off really, but all the other nice options are On. This also fixes problems with things like Joomla etc. (unless you use 1.5) and other uploaded file problems.
|
|
The Following User Says Thank You to djtremors For This Useful Post:
|
SupuS (9th September 2008)
|
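An added example, not part of the thread or of ISPConfig's code: a small Python check for the situation discussed above, reporting per vhost the effective safe_mode setting and whether open_basedir is still set. The sample vhost text, addresses and host names are constructed, and the script assumes that the last php_admin_flag safe_mode line inside a vhost is the one that takes effect, as the 19th February 2007 post describes.

```python
import re

# Constructed sample in the style of a generated vhost file (not real ISPConfig output).
SAMPLE = """\
<VirtualHost 192.0.2.10:80>
ServerName www.example.com
php_admin_flag safe_mode Off
php_admin_flag safe_mode On
php_admin_value open_basedir /var/www/web1/
</VirtualHost>
<VirtualHost 192.0.2.10:80>
ServerName shop.example.com
php_admin_flag safe_mode Off
</VirtualHost>
<VirtualHost 192.0.2.10:80>
ServerName img.example.com
php_admin_value open_basedir /var/www/web3/
php_admin_flag safe_mode Off
</VirtualHost>
"""

DIRECTIVE = re.compile(r"^\s*php_admin_(?:flag|value)\s+(\S+)\s+(.+?)\s*$", re.I)

def audit_vhosts(conf_text):
    """Return one dict per <VirtualHost> block with its effective PHP limits."""
    results, current = [], None
    for line in conf_text.splitlines():
        low = line.strip().lower()
        if low.startswith("<virtualhost"):
            current = {"name": None, "safe_mode": None, "open_basedir": None}
        elif low.startswith("</virtualhost") and current is not None:
            # No open_basedir means PHP in this vhost is not confined to a directory.
            current["unconfined"] = not current["open_basedir"]
            results.append(current)
            current = None
        elif current is not None:
            parts = line.split()
            if low.startswith("servername") and len(parts) > 1:
                current["name"] = parts[1]
            m = DIRECTIVE.match(line)
            if m and m.group(1).lower() in ("safe_mode", "open_basedir"):
                key, val = m.group(1).lower(), m.group(2).strip('"')
                # Assumption: a later line overwrites an earlier one in the same vhost.
                current[key] = val.lower() if key == "safe_mode" else val
    return results

if __name__ == "__main__":
    for v in audit_vhosts(SAMPLE):
        print(v["name"], "safe_mode=%s" % v["safe_mode"], "open_basedir=%s" % v["open_basedir"], "UNCONFINED" if v["unconfined"] else "ok")
```

A safe_mode value of None means the vhost does not set it and inherits the server-wide setting.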
All times are GMT +2. The time now is 14:33.