open_basedir with phpsuexec - not working?

anton_latvia

anton_latvia

Well-Known Member
PartnerNOC
May 11, 2004
432
47
178
Latvia
cPanel Access Level
Root Administrator
Hi,
Until this time we've never used phpsuexec, more or less it was enough with open_basedir and safe_mode=on on most sites. But now a lot users are complaining and want safe_mode to be off. That's why we set up special server with compiled phpsuexec and safe_mode=off. But...

Here is the case: open_basedir is not working anymore. Yes, it is set in WHM, but it is not working - I easily can read content of /etc/passwd (with simple php functions). Besides that phpsuexec is working great, but I really don't want anyone to sneak on my server's system files! Is it something that is not working with phpsuexec? How do you guys deal in this situation?

Best regards,
Anton.
 
chirpy

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
33
473
Go on, have a guess
IIRC, php open_basedir has no affect if you have phpsuexec enabled. You simply have to lock down directory file permissions as best you can. /etc/passwd is always a tricky one because it needs to be world readable to work.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
B Recommended open_basedir Web Servers and Applications 1
L In Progress [CPANEL-26292] Set open_basedir and disable_functions to NULL for PECL Web Servers and Applications 7
N Removed open_basedir patch from EasyApache 4 systems Web Servers and Applications 3
durangod what is the best way to modify open_basedir restriction to allow authorized items Web Servers and Applications 4
rs-freddo safemode, open_basedir and phpsuexec Web Servers and Applications 15
Similar threads
Recommended open_basedir
In Progress [CPANEL-26292] Set open_basedir and disable_functions to NULL for PECL
Removed open_basedir patch from EasyApache 4 systems
what is the best way to modify open_basedir restriction to allow authorized items
safemode, open_basedir and phpsuexec
Top Bottom