1

I tried to add this line to my virtual hosts in Apache, but failed:

php_admin_value open_basedir "/var/www/users/test"

My installation:

root# apt-get install apache2 apache2-suexec libapache2-mod-fcgid php5-cgi

Any ideas?

Something I noticed in php manual that worried me enough (http://www.php.net/manual/en/ini.list.php): open_basedir is marked as PHP_INI_ALL meaning "Entry can be set anywhere" so, even at run-time a user can change it or am I having wrong?*

(*: confirmed, user can NOT change it at run-time)

Improve this question

1 Answer 1

Reset to default
0

Setting php ini options in the apache config only affects php when running as an apache module. For CGI / FastCGI, the setting need to be added to the php.ini (or via ini_set - but this doesn't make much sense for open_basedir unless it's via an auto-prepend).

Improve this answer
1
  • So, we can simply set it at php.ini as long as user is not allowed to edit it! 'auto-prepend' feature gives me some ideas for increased security(?!). Thanks. Commented Apr 11, 2013 at 9:50

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.