[BlueOnyx:10375] Re: open_basedir restriction in effect.
Stephanie Sullivan
ses at aviaweb.com
Fri Apr 27 13:44:28 -05 2012
> -----Original Message-----
> From: Michael Stauber [mailto:mstauber at blueonyx.it]
> Sent: Friday, April 27, 2012 11:57 AM
> To: BlueOnyx General Mailing List
> Subject: [BlueOnyx:10367] Re: open_basedir restriction in effect.
>
> Hi Stephanie,
>
> > Isn't the point of open_basedir to limit what a php script can open
> to
> > things that are in specific places? Doesn't it completely negate
> > open_basedir to simply assign it "/" making everything accessible
> to php -
> > certainly many configuration files, etc. that one might not desire
> be
> > visible to anyone. Effectively it removes the open_basedir
> directive.
>
> Of course. But hey, if people start to spread data all over the place
> and need
> their scripts to access /var and what not, then security is right out
> of the
> window anyway.
>
> With best regards
> Michael Stauber
Wasn't the directory outside their open_basedir their web root? If the web
root for a site isn't within the open_basedir, then I think something must
be amiss. The path that generated the error was: /home/.sites/70/site4/web/
a BX path to a web site root. I presume their own site's web root... Adding
that path to the open_basedir setting for that site would seem the more
prudent path...
Maybe I'm a little on the paranoid side, but given the number of exploits
running about the web I don't want to give up information about my server
more than I might. Open_basedir is an important part of that.
-Stephanie
More information about the Blueonyx
mailing list