open_basedir - not working for addon domains.

Hi,

As I understand, open_basedir's purpose is to limit a PHP file access to other resources, other than it's DocumentRoot. Fine until here.

Let's say I have cPanel account, "www.somesite.com" which has path /home/somesite/(public_html/), as a main domain.

And in my account, I want to add an Addon Domain, "www.othersite.com", which will point to: /home/somesite/www_othersite as DocumentRoot.

As I enable open_basedir, I expect that for each of my Addon Domain, its access to be limited to DocumentRoot ( /home/somesite/www_othersite in our situation) , NOT to users root folder (/home/somesite/);

I find this issue as being a bug; is there any known work around or should I report it somewhere using a ticket, so it can be fixed?

Regards,
A.

 

Hi secureconfig,

Your question doesn't make any sense, as according to cPanel documentation, open_basedir setting does not get activated from php.ini, but from /usr/local/apache/conf/httpd.conf, where the VirtualHosts are generated, and they look like this:

<IfModule concurrent_php.c>
php4_admin_value open_basedir "path_to_users_dir:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
php5_admin_value open_basedir "/home/path_to_users_dir:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>

The thing is... it should be path_to_document_root, not to users_dir if you get what I'm saying

I'll report a ticket with this issue.
Thanks anyway.

 

Hi Michael,

Ticket ID is 5955853 and still under investigation;
Hope it will get fixed ASAP.

Regards,
A.

 

After talking with a cPanel representative... they don't see this as a bug.
They think that this can this can be a feature... so I have to make a "feature request";

But... can somebody tell me, what is the purpose of open_basedir in cPanel option?
I mean, what's the point of using open_basedir to the users folder, and not to the domain root?

I still don't get it...

 

Just to update the topic... I managed to implement a solution which will solve this problem.
See this topic: http://forums.cpanel.net/f402/suphp-open_basedir-together-improved-security-448482.html .

Regards.