Tag: open_basedir

About

Limit the files that can be opened by PHP to the specified directory-tree, including the file itself. This directive is NOT affected by whether Safe Mode is turned On or Off.

When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to open it. All symbolic links are resolved, so it's not possible to avoid this restriction with a symlink.

The special value . indicates that the working directory of the script will be used as the base-directory. This is, however, a little dangerous as the working directory of the script can easily be changed with chdir().

In httpd.conf, open_basedir can be turned off (e.g. for some virtual hosts) the same way as any other configuration directive with "php_admin_value open_basedir none".

From nl3.php.net/manual/en/features.safe-mode.php#ini.open-basedir

 

Use PEAR with open_basedir and safe_mode restrictions

You want your website to be as safe as possible. So you'll typically want Open Basedir and Safe Mode to be on. When you're in a shared hosting environment, you'll find that any server administrator with a good sense of security will also have these restrictions in place. However security pretty much always limits functionality and this case is no different. Because what if you are caged in a restricted environment, and you would still like to use shared libraries like the ones provided by PEAR?