• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

PHP open_basedir

Dark Atheist

Moderator
Staff member
Political User
#1
if im reading this right i only need to add the dir of the webserver, so is it just /www or /home/www i have to put in there?

/home/www is set as doc root in httpd.conf - so im leaning towards that
 

JPRuss

OSNN Addict
#2
If you want top prevent fopen from accessing anything outside of /home/www then your open_basedir should be set to /home/www/ (note the slash at the end)

If you don't have the slash on the end, it will allow access to any varients of /home/www as well (eg: /home/www1 /home/wwwmyweb, etc)

If you put just /www/ it would allow access to only things in the directory /www, which I'm guessing does not exist and would probably cause all fopens to fail as well as other functions

Hope this helps.
 

X-Istence

*
Political User
#8
That does not say anything against using open_basedir. It just says it is flawed by design, but it is still a valid part of setting up a properly protected PHP.
 
#12
Okay, good luck. It seems odd that a change to open_basedir would affect the ability to actually read the files.

A few quick things to check

a) are your actual web files stored in the directory /home/www ?
b) Do the directory containing the files have the correct permissions
c) Is it possible the directory is /home/WWW/ instead of /home/www/ (case senstivite
d) Perhaps the specific includes within your files try to access other files outside of /home/www/ if this is the case, then you are actually getting the correct error.

Hope this helps
 

Dark Atheist

Moderator
Staff member
Political User
#13
a) yes
b) yes
c) deff /home/www
d) doing it on scripts that do not require files out side the root folder

having a look now, can you add more than one path to that option ?

Warning: session_start() [function.session-start]: open_basedir restriction in effect. File(/var/tmp) is not within the allowed path(s): (/home/www) in /usr/home/www/phpg/libraries/lib.inc.php on line 56

Fatal error: session_start() [<a href='function.session-start'>function.session-start</a>]: Failed to initialize storage module: files (path: ) in /usr/home/www/phpg/libraries/lib.inc.php on line 56

although on others it giving different error(s) or a blank screen, im guessing its because eaccelerator cant access its temp file also and therefore the pages cant look at the cache folder, or could i fool it will a few symlinks ?
 

Dark Atheist

Moderator
Staff member
Political User
#16
i got it working :p - although there is a symlink to /home php doesnt like it so the /home/www ws correct in one way, but the line needed to be /usr/home/www:/var/tmp:/usr/home/_g2data - otherwise some pages did work while others just went to a blank screen :)

edit: i would rep you jpruss but seems i need to dpread it about a bit before i can rep you again :rolleyes:
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,013
Latest member
Pdawgintown