[BlueOnyx:10371] Re: open_basedir restriction in effect.

DD bqlist at distortal.com
Fri Apr 27 12:35:41 -05 2012 

Hi Michael, Stephanie,

I agree on both points, sadly this is us trying to accommodate a legacy
system while we try to convince them to upgrade. The only saving grace is
that these scripts are not publicly accessible. I'll take time to point all
this out again, however.

In the meantime, I tried clearing the open_basedir value in the admin panel
for this site, but on saving it is replaced with:

	
/tmp/:/var/lib/php/session/:/usr/sausalito/configs/php/:/home/.sites/70/site
4/

I tried replacing the value directly in /etc/http/conf/vhosts/site4 with
simple '/' but running the script from the shell comes back with:

PHP Warning:  file_exists(): open_basedir restriction in effect.
File(product_list.csv) is not within the allowed path(s):
(/tmp/:/var/lib/php/session/:/usr/sausalito/configs/php/) in
/home/.sites/70/site4/update_products.php on line 12

It looks like /tmp/:/var/lib/php/session/:/usr/sausalito/configs/php/ is
being appended to the lists of approved paths no matter what.


Dick


-----Original Message-----
From: blueonyx-bounces at mail.blueonyx.it
[mailto:blueonyx-bounces at mail.blueonyx.it] On Behalf Of Michael Stauber
Sent: 27 April 2012 16:57
To: BlueOnyx General Mailing List
Subject: [BlueOnyx:10367] Re: open_basedir restriction in effect.

Hi Stephanie,

> Isn't the point of open_basedir to limit what a php script can open to
> things that are in specific places? Doesn't it completely negate
> open_basedir to simply assign it "/" making everything accessible to php -
> certainly many configuration files, etc. that one might not desire be
> visible to anyone. Effectively it removes the open_basedir directive.

Of course. But hey, if people start to spread data all over the place and
need 
their scripts to access /var and what not, then security is right out of the

window anyway.

-- 
With best regards

Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

More information about the Blueonyx mailing list