[BlueOnyx:08197] Re: open_basedir bug in the SuPHP
Michael Stauber
mstauber at blueonyx.it
Mon Aug 22 23:10:07 -05 2011
Hi Jason,
> Michael can you confirm this major bug please and suggest a fix?
No, this is not a bug.
It's a long known imperfection of our suPHP integration:
It's primary benefit being that PHP scripts run with the UID and GID of the
owner of the scripts (instead of user "apache").
While using suPHP is more secure, our implementation had the drawback that
only the server wide PHP settings would apply. But *not* those individually
configured for the site.
Especially in conjunction with the "open_basedir" directive this caused
problems and/or confusion.
As this has been a thorn in my side for too long, I just released an update
for 5106R and 5107R which resolves the issue in the best possible way.
See the separate anouncement I'll post in a minute, or read up on it here:
http://www.blueonyx.it/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=94&cntnt01origid=54&cntnt01pagelimit=4&cntnt01returnid=54
--
With best regards
Michael Stauber
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20110823/faa8cbf3/attachment.html>
More information about the Blueonyx
mailing list