I am trying to restrict a user to its own home directory. You are able to see all files on the server without the open_basedir restriction, and with the open_basedir restriction we can only achieve limiting the user to the /home folder but not their user folder; therefore, they can still see the user account listing with a simple PHP shell. Any way to fix this?
Server is running CentOS 5.6 x86_64 with suphp and suexec enabled.
suphp was installed via cPanel EasyApache.
suphp can only read files which have read permissions of user, group and/or global.
Files with permissions of "-rw-r--r-- username username" are readable by all users, since they have global read set.
Files with permissions of "-rw-r----- username username" are readable only by "username/username".
Therefore, you need to have permissions for files or dirs without global read set, if you don't want everyone to see them.
Also, you must know that Apache runs as "nobody", so you need global read, or group "nobody" read, on files/dirs that Apache needs to access.
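Added example, not part of the original posts: a small shell audit of the permission rules described in the answer above. The function names are hypothetical, and the web server's group is passed in as a parameter (name or numeric gid) because it is an assumption about the host.

```shell
#!/bin/sh
# Added example: audit one account's tree against the rules in the answer.
# All function names are hypothetical; nothing here is cPanel or suphp code.

# List files and directories under $1 that have the "global read" bit (o+r),
# i.e. the entries any other account on the server can read.
list_world_readable() {
    find "$1" \( -type f -o -type d \) -perm -0004 -print
}

# List files under $1 that the web server could NOT read: no global read,
# and not (owned by group $2 with group read set).
# $2 is the web server's group, as a name or numeric gid (assumption:
# the caller knows which group the server process runs under).
list_web_unreadable() {
    find "$1" -type f ! -perm -0004 ! \( -group "$2" -perm -0040 \) -print
}

# Remove all "other" permissions under $1 so other accounts cannot read it.
# Files the web server must serve then depend on group read for its group;
# run list_web_unreadable afterwards to see what still needs attention.
strip_world_access() {
    chmod -R o-rwx "$1"
}
```

Run `list_world_readable` first to see what is exposed, then `strip_world_access`, then `list_web_unreadable` with the web server's group to find files that need their group or group-read bit adjusted.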