Hi,
I have the folowing problem under PHP 4.0.6 running as a module with Apache
1.3.22. I want to give my users access to PHP as an Apache module but I
want to restrict what they can do with open_basedir, safe_mode,... so they
don't have the right to access other's files. I have a problem with
open_basedir. A user cannot include or open a file with a RELATIVE PATH.
He must absolutely give an absolute path in order to work. If he uses a
relative path, he gets the following errors:
-for the OPEN:
Warning open_basedir restriction in effect. File is in wrong directory in
/u/d/e/delisle/public_html/Crypto/testopen.php on line 2
Warning: fopen("inclure","r") - Not owner in
/u/d/e/delisle/public_html/Crypto/testopen.php on line 2
- for the INCLUDE:
Warning: open_basedir restriction in effect. File is in wrong directory in
/u/d/e/delisle/public_html/Crypto/testinclude.php on line 2
Warning: open_basedir restriction in effect. File is in wrong directory in
/u/d/e/delisle/public_html/Crypto/testinclude.php on line 2
Warning: Failed opening 'inclure' for inclusion
(include_path='.:/p/php4/lib/php') in
/u/d/e/delisle/public_html/Crypto/testinclude.php on line 2
Here is the portion of my access.conf file that relates to that user:
Directory "/u/d/e/foo/public_html/">
Options Indexes IncludesNOEXEC ExecCGI FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AddHandler cgi-script .cgi .pl .php3 .phtml
<IfModule mod_php4.c>
AddType application/x-httpd-php .php
php_flag engine on
php_admin_value safe_mode_exec_dir "/u/d/e/foo/public_html/"
php_admin_value safe_mode 1
php_admin_value doc_root "/u/d/e/foo/public_html/"
php_admin_value open_basedir "/u/d/e/foo/public_html/"
php_admin_value user_dir "/u/d/e/foo/public_html/"
</IfModule>
</Directory>
Knowing that the include path is by default ".", I even tried putting
php_admin value include_path "/u/d/e/foo/public_html/".
It works if both the calling file and the included file are directly in
"/u/d/e/foo/public_html/" but not if the included file is in a subdirectory
of "/u/d/e/foo/public_html/". I would like the include and open to work
from anywhere in the "/u/d/e/foo/public_html/" tree to anywhere in the
"/u/d/e/foo/public_html/" tree. It seems to me like a normal behaviour to
expect. Is there a way also to configure such a thing at a higher level, so
that every user's public_html is configured like that?
Thanks
Patrick Cossette
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
