Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Tweak Security: PHP Open_basedir Not Working

Discussion in 'Security' started by mmkassem, Jul 18, 2003.

  1. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Egypt
    This feature does not work because it should use php_admin_value instead of php_value for it to work.

    Also you should add /usr/local/lib/php and /usr/lib/php to paths allowed to allow users to use pear scripts and others.

    (at least /usr/local/lib/php , I do not think there is harm from /usr/lib/php)

    - This will break the central Sqmail installed ? (not the cpanel version)

    Sure, users using it must have directory setting in httpd.conf for sqmail folder having:

    php_admin_value "/path/to/sqmail:/tmp:/path/to/attachments:/usr/local/lib/php"

    Cpanel Support: Please check the ticket.

    cPanel.net Support Ticket Number: 18260

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. dthigpen

    dthigpen Active Member

    Joined:
    May 29, 2003
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Apex, NC
    I submitted this bug the day after the php security tweak feature was put into the edge releases. I recieved a response saying that they would forward it to the dev team. It was never fixed. So now I have to manually update the phpopenbasectl every time I update cpanel, sort of annoying. Hopefully they actually make this extremely simple fix sometime.

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Egypt
    Strange :(
    I have a ticket too but since August 4th and it was not replied to it.

    Can you submit your modifications here please?

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 mmkassem, Jul 19, 2003
    Last edited: Jul 19, 2003
  4. dthigpen

    dthigpen Active Member

    Joined:
    May 29, 2003
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Apex, NC
    Just change all instances of php_value to php_admin_value in the script and all works dandy. (There are three instances)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. trparky

    trparky Well-Known Member

    Joined:
    Apr 23, 2003
    Messages:
    184
    Likes Received:
    1
    Trophy Points:
    168
    And what script are you talking about?

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Egypt
    Thanks
    dthigpen, I done that from few days but Cpanel should fix it and add /usr/local/lib/php to the base folders.

    phpopenbasectl

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. infinityws

    infinityws Well-Known Member

    Joined:
    Feb 20, 2003
    Messages:
    110
    Likes Received:
    0
    Trophy Points:
    166
    Theres something in the changelog today about that. I think its fixed.

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Egypt
    Wow .. Just saw it. Finally the look at my ticket or post.

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    166
    I am running the latest 7.x STABLE release on FreeBSD and this bug hasn't been fixed. I just created a ton of new accounts and they all have "php_value" instead of "php_admin_value".

    It's going to take forever to go in and change all of these settings!! UHHH

    cPanel.net Support Ticket Number:
     
  10. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Egypt
    It was fixed here (Linux), you should open a ticket about it.

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Egypt
    Try the following:
    /scripts/updatenow

    and in WHM disable openbase dir protection and enable it again.

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    166
    Thank you very much! That saved me a lot of time! :)

    cPanel.net Support Ticket Number:
     
  13. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Egypt
    U R welcome :cool:

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice