The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Creating a local php.ini

Discussion in 'General Discussion' started by Spokuz, Aug 4, 2006.

  1. Spokuz

    Spokuz Well-Known Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lisbon - Portugal
    cPanel Access Level:
    Root Administrator
    Hi all

    I have a user that needs t have the option safe_mode_exec_dir for one of his directories. I do not wish to configure this in /usr/local/lib/php.ini. I belive that I have read something about a local php.ini, just for the user, but know I cannot find it.

    Is it possible; has anyone made it already; do you know were I can find more info; what are the potential problems of giving him this access?


    Thank you all :D
     
  2. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    vi php.ini

    safe_mode = Off


    We have users that use the local php.ini for turning on register_globals and things of that sort.
     
  3. sumith

    sumith Well-Known Member

    Joined:
    May 9, 2005
    Messages:
    96
    Likes Received:
    2
    Trophy Points:
    8
    For doing that, you should have compile php with phpsuexec enabled. Then copy the php.ini to the user's home folder and then turn on safe_mode_exec_dir in his php.ini.

    (I havent done the same before though ;) )
     
  4. Spokuz

    Spokuz Well-Known Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lisbon - Portugal
    cPanel Access Level:
    Root Administrator
    I jus hate the idea of turning off safe_mode server wide :(

    I have already configured php_admin_flag safe_mode off" at httpd.conf for the user's domain.

    I am running php with suexec enable and I pasted php.ini at the public_html of the user, but it still wonk work!:S
     
    #4 Spokuz, Aug 4, 2006
    Last edited: Aug 4, 2006
  5. Mysteerie

    Mysteerie Well-Known Member

    Joined:
    Dec 29, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    16
    If you are running php 5.1.4 or 5.1.2, then php.ini's don't work in user dirs for some reason. There are work around if you search, however the easier way is just to downgrade to php 5.0.5.
     
  6. dreamwiz

    dreamwiz Well-Known Member

    Joined:
    Aug 28, 2003
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    6
    I opened a bug report to PHP about this, you can vote for it here: http://bugs.php.net/bug.php?id=38343
     
  7. Francisco

    Francisco Well-Known Member

    Joined:
    Jun 3, 2003
    Messages:
    99
    Likes Received:
    0
    Trophy Points:
    6
    Any fixes to this?

    I haven't found any threads that explain a workaround and it's NOT working on PHP 5.1.5

    Thanks
     
  8. dreamwiz

    dreamwiz Well-Known Member

    Joined:
    Aug 28, 2003
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    6
    I found out this feature has never been documented so it's not supported. It will not work with any 5.1.x at all and it will not be supported in the future releases neither. Last version I know it works with is 5.0.5.
     
  9. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    As noted in the PHP Manual PHP can also be configured within the httpd.conf and .htaccess files (the latter depending upon the settings of the Options directive). Using the original question as an example, to disable Safe Mode for a specific directory, one can do something like this:

    Code:
    <VirtualHost 127.0.0.1:80>
        ServerAlias www.example.com
        DocumentRoot /home/example/public_html
        <Directory /home/example/public_html/unsafe>
            php_admin_flag safe_mode off
        </Directory>
    </VirtualHost>
    
    Please note that when PHP 6 is released, Safe Mode is no more.

    If local php.ini is no longer available, users can gain similar abilities if you stipulate "Options AllowOverride" in their vhost block. Then they can configure PHP using php_value, php_admin_value, php_admin_flag and php_flag within their .htaccess file.

    Please note that this could allow them to do things that might compromise a server, or otherwise make it more susceptible to abuse.
     
  10. SoftDux

    SoftDux Well-Known Member

    Joined:
    May 27, 2006
    Messages:
    983
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Johannesburg, South Africa
    cPanel Access Level:
    Root Administrator
    Does anyone know what settings to use for Modernbill, if the server's global php.ini is set to register_globals = off?

    None of the suggestions above seems to have worked
     
  11. joshstein

    joshstein Active Member

    Joined:
    Feb 23, 2003
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
  12. krava

    krava Well-Known Member

    Joined:
    Sep 23, 2003
    Messages:
    149
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hi,

    did you try to disable safe_mode by adding

    php_value safe_mode 0

    in .htaccess of the user's account ? The file must be located in public_html.
     
Loading...

Share This Page