Hi, Hope this wasn't here earlier... Her it comes, when enabling safeMode in ISP config both the safemode and the open_basedir flags are set. Well good of course but not very finegraded. A real life situation could be a php site using ImageMagick via systemcalls. This would be deffered throu the safeModeFlag. Switching SafeMode off in ispconfig helps, but than then openBasedir flag is unset too leaving a potential risky situation. Wouldnt it be an idea to switch those parameters independently?