The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

open_basedir with phpsuexec - not working?

Discussion in 'General Discussion' started by anton_latvia, Nov 6, 2006.

  1. anton_latvia

    anton_latvia Well-Known Member
    PartnerNOC

    Joined:
    May 11, 2004
    Messages:
    348
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    Latvia
    cPanel Access Level:
    Root Administrator
    Hi,
    Until this time we've never used phpsuexec, more or less it was enough with open_basedir and safe_mode=on on most sites. But now a lot users are complaining and want safe_mode to be off. That's why we set up special server with compiled phpsuexec and safe_mode=off. But...

    Here is the case: open_basedir is not working anymore. Yes, it is set in WHM, but it is not working - I easily can read content of /etc/passwd (with simple php functions). Besides that phpsuexec is working great, but I really don't want anyone to sneak on my server's system files! Is it something that is not working with phpsuexec? How do you guys deal in this situation?

    Best regards,
    Anton.
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    IIRC, php open_basedir has no affect if you have phpsuexec enabled. You simply have to lock down directory file permissions as best you can. /etc/passwd is always a tricky one because it needs to be world readable to work.
     
Loading...

Share This Page