ok were i can change the value for open_basedir to no value I try to modify my php.ini but the changes will not take effect I need open_basedir no value I always get open_basedir /var/www/web5 Im using: Debian etch, suPHP, ISPConfig 2.2.25. I have a script that need this configuration. please help.
Ths value can not be changed individually. The only thing you can do is to disable php for the wesbite and then configure php manually by adding directives to the apache directives field without using the suphp wrapper script from ispconfig. Please be aware that it is security risk to run scripts without the open_basedir restriction.
thank you till, im the only user in the server.....is for my own domains this is the correct script to change this value? /home/admispconfig/ispconfig/tools/suphp/usr/bin/php-wrapper i need to change this Code: exec php-cgi -d open_basedir=${BASEDIR} -d upload_tmp_dir=${TMPDIR} -d session.save_path=${SESSDIR} -d safe_mode=${SAFE_MODE} to Code: exec php-cgi -d upload_tmp_dir=${TMPDIR} -d session.save_path=${SESSDIR} -d safe_mode=${SAFE_MODE} is correct ?? or.... which is the correct way?
Yes. If you are the only user, then its fine to change it globally. You should just be aware that if you run sites on the internet and one gets hacked, this might affect the whole server then.
Upss....is really dangerous one more thing (only to learn) in CPanel you can turn the open_basedir on or off..... in this case is a security risk to ?..... thank you till for your prompt response.
Yes. This does not depend on the controlpanel. If OpenBasedir is off, a PHP script may access the whole server. For example: $lines = file('/etc/passwd'); print_r($lines); would output you a list of all users that are on the server, if openbasedir is not enabled as the passwd file is world readable.
