Solved

Restricting PHP's disk access to its own virtual host

Posted on 2004-03-28
1
208 Views
Last Modified: 2013-12-15
I have this setup:

- Red Hat 7.2
- PHP 4 (Apache module)
- Apache 1.3 (running as nobody:nobody)
and several name-based virtual hosts running on this system using the same IP.

I would like to set it so that PHP scripts running on a certain virtual host cannot access the other host's disk structure. In this way, www.domain.com's scripts won't be able to snoop through www.otherdomain.com's files.

Is this possible at all?

(I don't mind using PHP's Safe Mode at all if required)

Thank you.
0
Comment
Question by:poisa
1 Comment
 
LVL 9

Accepted Solution

by:
Alf666 earned 200 total points
ID: 10703002
Yep. You have to use safe_mode.

safe_mode = on

Then in your <VirtualHost>:

php_admin_flag engine on
php_admin_value open_basedir "/<whatever>/domain.com/htdocs:/tmp"

This makes /tmp a common storing place.

You you could also have a tmp directory in each of your domains tree.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I am a long time windows user and for me it is normal to have spaces in directory and file names. Changing to Linux I found myself frustrated when I moved my windows data over to my new Linux computer. The problem occurs when at the command line.…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now