Re: [PHP] How to solve include_path / safe_mode / open_basedir /document_root
PHP4: 4.3.2 Likewise, my intention is to restrict the user within '/home/ahank/public_html' when using fopen(), but allow the user to use include() on files in '/usr/local/share/wl'. Here is my VirtualHost config: php_admin_flag register_globals Off php_admin_flag safe_mode On php_admin_flag safe_mode_gid On php_admin_value include_path /usr/local/share/wl php_admin_value safe_mode_include_dir /usr/local/share/wl php_admin_value open_basedir /home/ahank/public_html However, I get this error when loading a page which includes files in this shared directory: Warning: main(): open_basedir restriction in effect. File(/usr/local/share/wl/hahaha.php) is not within the allowed path(s): (/home/ahank/public_html) in /home/ahank/public_html/test.php on line 3 Warning: main(hahaha.php): failed to open stream: Operation not permitted in /home/ahank/public_html/test.php on line 3 Warning: main(): Failed opening 'hahaha.php' for inclusion (include_path='/usr/local/share/wl') in /home/ahank/public_html/test.php on line 3 It would seem that 'safe_mode_include_dir' has nothing to do with 'open_basedir'. Is there an equivalent to 'open_basedir_include_dir' which will allow one to only interpret files by way of include/require? - hank -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How to solve include_path / safe_mode / open_basedir /document_root ?
Hi, I host some virtual servers in a Linux/apache/php 4 enviroment. I'd like to set up as secure as possible since the users have ftp access to upload files. So each virtual domain has a safe_mode/open_basedir settings in order to make it difficult to mess with each other's files. Unfortunatelly this seems to have a side effect. Whenever I need to provide tools/classes such as Jpgraph, Smarty and so on I have to copy to the user's directory since the include_path could not reach outside the document root/open_basedir directory. So, is there a way to configure so I have a secure enviroment and yet be able to define a common repository. Regards. __ Do you Yahoo!? Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop! http://platinum.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to solve include_path / safe_mode / open_basedir /document_root?
/safe_mode_include_dir/ *string* cid:[EMAIL PROTECTED] UID/GID checks are bypassed when including files from this directory and its subdirectories (directory must also be in include_path cid:[EMAIL PROTECTED] or full path must including). As of PHP 4.2.0, this directive can take a *semi-colon separated path* in a similar fashion to the include_path cid:[EMAIL PROTECTED] directive, rather than just a single directory. Robert Mena wrote: Hi, I host some virtual servers in a Linux/apache/php 4 enviroment. I'd like to set up as secure as possible since the users have ftp access to upload files. So each virtual domain has a safe_mode/open_basedir settings in order to make it difficult to mess with each other's files. Unfortunatelly this seems to have a side effect. Whenever I need to provide tools/classes such as Jpgraph, Smarty and so on I have to copy to the user's directory since the include_path could not reach outside the document root/open_basedir directory. So, is there a way to configure so I have a secure enviroment and yet be able to define a common repository. Regards. __ Do you Yahoo!? Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop! http://platinum.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php