php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #23277 Apache safe_mode and open_basedir not enough
Submitted: 2003-04-18 23:24 UTC Modified: 2005-01-31 23:25 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: flatface at flatface dot net Assigned:
Status: Not a bug Package: Safe Mode/open_basedir
PHP Version: 4.3.0 OS: *nix
Private report: No CVE-ID: None
 [2003-04-18 23:24 UTC] flatface at flatface dot net
I'm sorry for addressing it here, but I can't find anywhere else to put it. I sysadmin a system with 1200 users, and I can't seem to find the appropriate security to apply with php. suexec is fine with this shared resoruce server, but with open_basedir, the most I can do is disallow viewing of files below the script's location. With safe_mode on, it goes overboard and disables a LOT of important functions that people use (e.g. shell_exec), and even when people create files, it's still chowned by apache and not the user. If mod_php could act a bit more like suexec and run as the user in mod_php.

This is on php 4.3.0 on Gentoo Linux.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-04-21 09:58 UTC] sniper@php.net
Not PHP problem.

 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Mon Apr 22 18:01:27 2019 UTC