open_basedir with phpsuexec - not working?

anton_latvia

Well-Known Member
PartnerNOC
May 11, 2004
387
12
168
Latvia
cPanel Access Level
Root Administrator
Hi,
Until this time we've never used phpsuexec, more or less it was enough with open_basedir and safe_mode=on on most sites. But now a lot users are complaining and want safe_mode to be off. That's why we set up special server with compiled phpsuexec and safe_mode=off. But...

Here is the case: open_basedir is not working anymore. Yes, it is set in WHM, but it is not working - I easily can read content of /etc/passwd (with simple php functions). Besides that phpsuexec is working great, but I really don't want anyone to sneak on my server's system files! Is it something that is not working with phpsuexec? How do you guys deal in this situation?

Best regards,
Anton.
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,462
25
473
Go on, have a guess
IIRC, php open_basedir has no affect if you have phpsuexec enabled. You simply have to lock down directory file permissions as best you can. /etc/passwd is always a tricky one because it needs to be world readable to work.