Results 1 to 3 of 3
  1. #1
    Join Date
    Apr 2004

    well known: php safemode + open_basedir

    I want set php safe mode on on my apache-php server but still allow user to acces any file of any chown if it is in his dir /home/user/

    to do this I enabled safemode in php.ini

    and in httpd.conf
    php_admin_value safe_mode_include_dir /home/user/

    But that still dont allow that user to acces files on /home/user if that has other chown... is it imposible to set safe_mode_include_dir from httpd.conf?

    Other solution would be to absulutly disable checking of file owners by safe mode and use besides safemode > open_basedir. However I find anoying that safe mode dont have setting to disable it UID checking.

    any sugestions?

  2. #2
    Join Date
    Mar 2003
    Sacramento, CA
    are all your users listed under /home/user? Such as:


    If so try adding php_admin_value safe_mode_include_dir /home/user/*
    Jacob Squires , CISSP

    security assesment, network analysis

  3. #3
    Join Date
    Apr 2004
    of course NO.

    Main idea is to grant to user1 acces to any files in /home/user1/ while keeping safe mode on! And that means that every virtual server account in httpd.conf need other safe dir

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts