[BlueOnyx:01575] Re: how to allow php to modify files in other virtual sites than the current

[Michael Stauber]

Hi Florian,

> i added "/home" to the variable, not "/home/" - still, i get
> "open_basedir restriction in effect. File(/www/xxx/web/data/xxx/yyy.xml) is
> not within the allowed path(s): (/home:/www:/home/.sites/xxx/sitex/)"
>
> which I find rather confusing, because everything below /www and /home
> should be allowed. (/www is just a comfortable symlink to /home/sites)

Adding "/home" (or "/home/") to "open basedir" is no longer supported in 
BlueOnyx due to security concerns. 

The reason is: It pretty much invalidates the entire open basedir restrictions 
if scripts of siteX can access all content of any other sites.

The only way around it (at the moment and for the time being) is to manually 
edit /etc/httpd/conf/vhosts/siteX and to adjust the open_basedir line in 
there. But of course changing the web settings for that site through the GUI 
may then overwrite your changes.

Alternatively you could create a directory on a separate partition and use 
that one for such content that's shared between sites. Like "/var/sharedweb" 
and then add that to the open_basedir line.

-- 
With best regards

Michael Stauber