Tweak Security: PHP Open_basedir Not Working

mmkassem

Well-Known Member
Oct 21, 2002
390
0
166
Egypt
This feature does not work because it should use php_admin_value instead of php_value for it to work.

Also you should add /usr/local/lib/php and /usr/lib/php to paths allowed to allow users to use pear scripts and others.

(at least /usr/local/lib/php , I do not think there is harm from /usr/lib/php)

- This will break the central Sqmail installed ? (not the cpanel version)

Sure, users using it must have directory setting in httpd.conf for sqmail folder having:

php_admin_value "/path/to/sqmail:/tmp:/path/to/attachments:/usr/local/lib/php"

Cpanel Support: Please check the ticket.

cPanel.net Support Ticket Number: 18260

cPanel.net Support Ticket Number:
 

dthigpen

Active Member
May 29, 2003
38
0
156
Apex, NC
I submitted this bug the day after the php security tweak feature was put into the edge releases. I recieved a response saying that they would forward it to the dev team. It was never fixed. So now I have to manually update the phpopenbasectl every time I update cpanel, sort of annoying. Hopefully they actually make this extremely simple fix sometime.

cPanel.net Support Ticket Number:
 

mmkassem

Well-Known Member
Oct 21, 2002
390
0
166
Egypt
Originally posted by dthigpen
I submitted this bug the day after the php security tweak feature was put into the edge releases. I recieved a response saying that they would forward it to the dev team. It was never fixed. So now I have to manually update the phpopenbasectl every time I update cpanel, sort of annoying. Hopefully they actually make this extremely simple fix sometime.

cPanel.net Support Ticket Number:
Strange :(
I have a ticket too but since August 4th and it was not replied to it.

Can you submit your modifications here please?

cPanel.net Support Ticket Number:
 
Last edited:

trparky

Well-Known Member
Apr 23, 2003
184
1
168
And what script are you talking about?

cPanel.net Support Ticket Number:
 

mmkassem

Well-Known Member
Oct 21, 2002
390
0
166
Egypt
Thanks
dthigpen, I done that from few days but Cpanel should fix it and add /usr/local/lib/php to the base folders.

Originally posted by trparky
And what script are you talking about?

cPanel.net Support Ticket Number:
phpopenbasectl

cPanel.net Support Ticket Number:
 

infinityws

Well-Known Member
Feb 20, 2003
110
0
166
Theres something in the changelog today about that. I think its fixed.

cPanel.net Support Ticket Number:
 

mmkassem

Well-Known Member
Oct 21, 2002
390
0
166
Egypt
Originally posted by infinityws
Theres something in the changelog today about that. I think its fixed.

cPanel.net Support Ticket Number:
Wow .. Just saw it. Finally the look at my ticket or post.

Mon Jul 21 10:56:51 EDT 2003
7.x Build#69
----------------------------------------------------

add /usr/lib/php and /usr/local/lib/php to php open base dir protection
change php_value to php_admin_value
cPanel.net Support Ticket Number:
 

Jeff75

Well-Known Member
Apr 11, 2003
555
0
166
I am running the latest 7.x STABLE release on FreeBSD and this bug hasn't been fixed. I just created a ton of new accounts and they all have "php_value" instead of "php_admin_value".

It's going to take forever to go in and change all of these settings!! UHHH

cPanel.net Support Ticket Number:
 

mmkassem

Well-Known Member
Oct 21, 2002
390
0
166
Egypt
Originally posted by Jeff75
I am running the latest 7.x STABLE release on FreeBSD and this bug hasn't been fixed. I just created a ton of new accounts and they all have "php_value" instead of "php_admin_value".

It's going to take forever to go in and change all of these settings!! UHHH

cPanel.net Support Ticket Number:
It was fixed here (Linux), you should open a ticket about it.

cPanel.net Support Ticket Number:
 

mmkassem

Well-Known Member
Oct 21, 2002
390
0
166
Egypt
Try the following:
/scripts/updatenow

and in WHM disable openbase dir protection and enable it again.

cPanel.net Support Ticket Number:
 

Jeff75

Well-Known Member
Apr 11, 2003
555
0
166
Thank you very much! That saved me a lot of time! :)

cPanel.net Support Ticket Number:
 

mmkassem

Well-Known Member
Oct 21, 2002
390
0
166
Egypt
Originally posted by Jeff75
Thank you very much! That saved me a lot of time! :)

cPanel.net Support Ticket Number:
U R welcome :cool:

cPanel.net Support Ticket Number: