
open_basedir doesn't protect well...

Discussion in 'General Discussion' started by jandafields, Feb 3, 2005.

  1. jandafields

    jandafields Well-Known Member

    Joined:
    May 6, 2004
    Messages:
    428
    Likes Received:
    4
    Trophy Points:
    168
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I am using a php script that allows me to enter a command into the browser, and it executes it with exec().

    If I say "ls /home" it says Permission denied

    However if I say "ls /etc" it works

    Here is my open_basedir config :

    php_admin_value open_basedir "/home/user/:/usr/lib/php:/usr/local/lib/php:/tmp:/home/sqmail"

    Why is it allowing access to /etc (and many more directories) but it does not allow access to anything in /home except the user's own stuff?

    I am using suexec and phpsuexec.

    Phpsuexec-support is not checked in the Apache update checklist for building - I don't know what implications that has but that is another issue.
     
  2. jandafields

    I can easily read lots of files (logs, conf, etc) from a normal users account using php and the browser - no shell access needed.

    Please help!
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,470
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    Yup, that's perfectly normal. If you want to stop that you need to disable the exec() and similar commands in php.ini - try a search on the forums.
     
  4. jandafields

    How does it stop from viewing /home but not /etc?

    Also, disabling exec(), system(), etc. breaks certain commercially available php software.
     
  5. chirpy

    Because of file permissions. /home is usually chmod 711 whereas /etc is 755 (I believe, my systems are locked down). These are common issues with shared web hosting and users will always be able to look around your server to a great extent. Restricting in PHP is something of a moot point, anyway, since you cannot do the same with perl scripts.
     
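The split chirpy describes (open_basedir is enforced by PHP's own file functions, while a command launched with exec() only meets the Unix permissions of the account user) can be confirmed from a test account with the following script. It is an added example, not code from the thread or from cPanel; it assumes the vhost sets open_basedir as in the first post and probes the directories the thread names.

```php
<?php
// Added example, not code from the thread. Shows where open_basedir applies:
// PHP's file layer honours it, a child process started with exec() does not.
// Assumes the vhost's open_basedir is set as in the first post, e.g.
//   "/home/user/:/usr/lib/php:/usr/local/lib/php:/tmp:/home/sqmail"
// and that the script runs as the account user (suexec/phpsuexec).
declare(strict_types=1);

$probes = ['/etc', '/home', '/tmp'];   // directories discussed in the thread

echo 'open_basedir      = ', ini_get('open_basedir') ?: '(unset)', "\n";
echo 'disable_functions = ', ini_get('disable_functions') ?: '(none)', "\n";
echo 'running as uid    = ', getmyuid(), "\n\n";

/** True when exec() is compiled in and not listed in disable_functions. */
function exec_available(): bool
{
    $disabled = array_map('trim', explode(',', (string) ini_get('disable_functions')));
    return function_exists('exec') && !in_array('exec', $disabled, true);
}

foreach ($probes as $path) {
    // PHP file layer: a path outside the open_basedir list makes is_readable()
    // emit an "open_basedir restriction in effect" warning and return false,
    // whatever the Unix mode bits would allow. /tmp is in the list, /etc and
    // /home are not. The @ only silences the warning for tidy output.
    $viaPhp = @is_readable($path) ? 'allowed' : 'blocked';

    // Child process: open_basedir is not consulted at all. Listing a 711
    // directory such as /home fails (no read bit for "other"); listing a 755
    // directory such as /etc succeeds. This is why the thread's exec() test
    // could read /etc but not /home, and why disable_functions or
    // filesystem permissions, not open_basedir, are the controls here.
    if (exec_available()) {
        $out = [];
        $rc  = 1;
        exec('ls ' . escapeshellarg($path) . ' 2>/dev/null', $out, $rc);
        $viaExec = $rc === 0 ? 'listed ' . count($out) . ' entries' : "failed (rc=$rc)";
    } else {
        $viaExec = 'exec() disabled';
    }

    printf("%-6s  open_basedir: %-8s exec: %s\n", $path, $viaPhp, $viaExec);
}
```

With exec() listed in disable_functions (chirpy's suggestion) the third column reads "exec() disabled" for every path; with the default /home mode of 711 and exec() enabled, only /home shows a failed listing.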
  6. jandafields

    Update: I seem to have fixed this issue by using mod_security.
     