php open_basedir Protection not working???

Weed

Active Member
Mar 18, 2003
28
0
151
Okay... this is weird... Someone on my server can actually execute a script calling on another file inside another account...

the Protection is on... and no sites are excluded... how can it possibly still work?

~Weed
 

Marty

Well-Known Member
Oct 10, 2001
630
1
318
How are they calling that file? include? or are they just getting the html output of that file?
 

Marty

Well-Known Member
Oct 10, 2001
630
1
318
Okay, that is bad then. I don't know the answer that question.
 

haze

Well-Known Member
Dec 21, 2001
1,548
3
318
Does the users virtualhost entry look correct? What is the ownership of the file that was called? Do you have phpSuExec on?
 

Weed

Active Member
Mar 18, 2003
28
0
151
I'm just reformatting... just have to wait for managed.com to get off their asses :S

~Weed
 

Weed

Active Member
Mar 18, 2003
28
0
151
Because I don't know what I'm doing :P

I don't know if PHPSuExec is on.. how do I find that out?

~Weed
 

haze

Well-Known Member
Dec 21, 2001
1,548
3
318
Originally posted by Weed
Because I don't know what I'm doing :P

I don't know if PHPSuExec is on.. how do I find that out?

~Weed
If you don't know what it is, chances are you don't have it installed. I certainly hope you aren't hosting any paying clients on this machine, and if you are, I hope they are aware of the fact that you have no idea what you are doing. :rolleyes: