Solved

Restricting PHP's disk access to its own virtual host

Posted on 2004-03-28
1
210 Views
Last Modified: 2013-12-15
I have this setup:

- Red Hat 7.2
- PHP 4 (Apache module)
- Apache 1.3 (running as nobody:nobody)
and several name-based virtual hosts running on this system using the same IP.

I would like to set it so that PHP scripts running on a certain virtual host cannot access the other host's disk structure. In this way, www.domain.com's scripts won't be able to snoop through www.otherdomain.com's files.

Is this possible at all?

(I don't mind using PHP's Safe Mode at all if required)

Thank you.
0
Comment
Question by:poisa
1 Comment
 
LVL 9

Accepted Solution

by:
Alf666 earned 200 total points
ID: 10703002
Yep. You have to use safe_mode.

safe_mode = on

Then in your <VirtualHost>:

php_admin_flag engine on
php_admin_value open_basedir "/<whatever>/domain.com/htdocs:/tmp"

This makes /tmp a common storing place.

You you could also have a tmp directory in each of your domains tree.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question