[BlueOnyx:04974] Re: 5106R YUM updates (suPHP)
Michael Stauber
mstauber at blueonyx.it
Wed Jul 7 04:57:58 -05 2010
Hi Abdul,
> It appears that when suPHP is enabled the open_basedir doesn't get parsed
> correctly:
>
> With suPHP enabled:
>
> /tmp/:/var/lib/php/session/
>
> Without suPHP disabled:
>
> /tmp/:/var/lib/php/session/:/home/.sites/2/site87/
That is more or less correct. suPHP uses php-cgi to parse PHP scripts, so it
also will use the "default" values from php.ini. That'll also cause that it
ignores the "php_admin_flag" and "php_admin_value" settings that we otherwise
use to force a site to different PHP settings. Hence you see the "shorter"
open_basedir line in your phpinfo() output which is missing the site's
document root.
However: It also means that 'open_basedir' is entirely ignored if suPHP is
enabled and scripts that run through suPHP are not affected by 'open_basedir'
at all. I just tested that and I'm not entirely happy with this. Will have to
see if there is a way to straighten that one out.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list