HOME Community Articles Code Library People Mail Archive My Account Contribute PHP Jobs

Open Source Database Feature Comparison Matrix Try Declarative Programming with Annotations and Aspects Locate All Stored Procedures and Their Objects/SQL Tables Building a Stored Procedure Generator Making Tables Read-only in Oracle

24-hour Support Daily Backup Dedicated Servers JSP/Java Servlets PHP MySQL Streaming Audio/Video Telnet/SSH Unix Hosting 24-hour Support

From: a.genkin <email protected>
Date: 07/06/01

• Next message: drloh <email protected>: "[PHP-DEV] Bug #11942:"
• Previous message: sthomas <email protected>: "[PHP-DEV] Bug #11941: Not checking allow_persistent"
• Next in thread: jason <email protected>: "[PHP-DEV] Bug #11940 Updated: ill side effect of open_basedir"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

ID: 11940
User Update by: a.genkin <email protected>
Old-Status: Closed
Status: Open
Bug Type: PHP options/info functions
Operating system: Solaris 8/sparc
PHP Version: 4.0.6
Description: ill side effect of open_basedir

I may be missing something, but there is no include() or any other file-related operation in the sample script that I posted. All it has is 'echo "hello"'.

Previous Comments:
---------------------------------------------------------------------------

[2001-07-06 17:43:40] jason <email protected>

This is not a bug, include calls a file open operation,
and as such must be in the open_basedir path

-Jason

---------------------------------------------------------------------------

[2001-07-06 17:36:45] a.genkin <email protected>

safe_mode = On
doc_root = /homes/u0/apache
open_basedir = "/var/www/htdocs/workathome:/var/www/secure:/var/www/tmp"
(/var/www is a symlink for /homes/u0/apache)

In such a setting I should be able to execute PHP scripts from any directory under /homes/u0/apache, but not access any files unless they are under one of the directories in open_basedir. However, I cannot place any scripts in, say, /homes/u0/apache/cdf/deadlines/. A minimal file foo.php, saved there, containing only:

<?php echo "<html><body>Hello</body></html>"; ?>

Results in the script not executed, with the following error messages:

[Fri Jul 6 17:24:53 2001] [error] PHP Warning: open_basedir restriction in effect. File is in wrong directory in Unknown on line 0
[Fri Jul 6 17:24:53 2001] [error] PHP Warning: Failed opening '/homes/u0/apache/htdocs/cdf/deadlines/foo.php' for inclusion (include_path='') in Unknown on line 0

open_basedir's documentation says that it should only restrict directories from where a file can be opened by a PHP script.
http://www.php.net/manual/en/configuration.php

Many thanks,

-- 
Arcady Genkin
---------------------------------------------------------------------------
Full Bug description available at: http://bugs.php.net/?id=11940
-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>

• Next message: drloh <email protected>: "[PHP-DEV] Bug #11942:"
• Previous message: sthomas <email protected>: "[PHP-DEV] Bug #11941: Not checking allow_persistent"
• Next in thread: jason <email protected>: "[PHP-DEV] Bug #11940 Updated: ill side effect of open_basedir"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]