The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

suPHP and open_basedir

Discussion in 'Security' started by Clouseau, Jan 21, 2015.

  1. Clouseau

    Clouseau Active Member

    Joined:
    Jan 17, 2015
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I'm reading this https://documentation.cpanel.net/display/1144Docs/PHP+open_basedir+Tweak

    so with suPHP this tweak is ignored and I have to create php.ini file with one line in it defining open_basedir. Right?

    If mod_PHP is used, this tweak sets open_basedir to this directories:
    "These directives limit users' PHP access to the following directories"
    /usr/lib/php
    /usr/local/lib/php
    /tmp

    So if php access is limited to thise directories, how can a script in /home/user/public_html/myscript.php call other php scripts in the same website ie/ home/user/public_html/* and subdirs OR write in /home/user/public_html/output/ because there is no "/home/user/public_html" in open_basedir stated above?
     
  2. Clouseau

    Clouseau Active Member

    Joined:
    Jan 17, 2015
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Also I have added php.ini file to /home/user/ with this in it:
    upload_max_filesize = 64M
    open_basedir = "/home/serverlab"

    But I can still access / through php and read root directory /. Can you tell me why?
     
Loading...

Share This Page