|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #46925 when open_basedir="." the working directory is set to the executable location
Submitted: 2008-12-22 11:55 UTC Modified: 2017-10-24 07:50 UTC
Avg. Score:2.5 ± 0.9
Reproduced:3 of 4 (75.0%)
Same Version:2 (66.7%)
Same OS:3 (100.0%)
From: eyal at zend dot com Assigned:
Status: Open Package: Safe Mode/open_basedir
PHP Version: 5.2.8 OS: Windows *
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: eyal at zend dot com
New email:
PHP Version: OS:


 [2008-12-22 11:55 UTC] eyal at zend dot com
NOTE: Tested with FastCGI module on IIS 7.
1. Verify you have info.php in your docroot.
2. Set the directive open_basedir="."
3. Request the script info.php

Reproduce code:
<?php phpinfo(): ?>

Expected result:
The phpinfo() output

Actual result:
PHP Warning:  Unknown: open_basedir restriction in effect. File(C:\inetpub\wwwroot\info.php) is not within the allowed path(s): (.) in Unknown on line 0

To verify the location that is not restricted you can do the following:
Add a virtual directory to the default web site with a physical path of the php-fastCGI.exe and put the info.php there as well.

Now you can see that when requesting the file from the virtual directory you will receive the phpinfo() output.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2008-12-23 15:00 UTC]
Do we really want to support relative path? It may (incidentally) have worked before but I can't think of any sane usage of a relative path for open_basedir.
 [2017-10-24 07:50 UTC]
-Status: Assigned +Status: Open -Assigned To: dmitry +Assigned To:
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Tue Oct 20 00:01:24 2020 UTC