tags:

views:

106

answers:

2
+1  Q: 

How can i write open_basedir like this -> open_basedir = 'var/home/*/'

As you know. You have to write open_basedir = '/var/home' etc

I want to write like this: open_basedir = '/var/home/*/'

Which i want is php should restrict every directory which is in home directory, for every different directories.

Short question: How can i write open_basedir like this: open_basedir = 'var/home/*/'?

Thank you very much.

A: 

You can. You must specify each path in the directive :

open_basedir = "/var/home/path1/:/var/home/path2/:/var/home/path3/"
OcuS  2010-01-14 09:49:52
Thank you very much. But is there any automatic directory definition. ? Because there are many directories.
ONSC  2010-01-14 10:11:45
+1  A: 

If you want to restrict PHP to each user's own home directory you need a PHP setup in which:

  1. PHP runs with the user credentials
  2. PHP accepts a per-user configuration

A typical case is a CGI (or FastCGI) setup, rather than running PHP as Apache module. Then you can provide a custom php.ini file for each user.

BTW, I haven't tested it but perhaps open_basedir = "~" works as expected...

====== EDIT ======

Some clarifications that arise from the OP's comment:

  1. In Unix shells, "~" is a synonym for "current user's home directory" so it's "/var/home/john" if you are john and it's "/var/home/michael" if you are michael. "var/home/~/" has no special meaning: it's just a directory that's called ~.

  2. Many programs use this shell convention. I don't know if PHP does so.

  3. CGI allows to execute arbitrary programs on the server so it is less secure than static HTML the same way that a skateboard is less secure than a space shuttle. But we are not talking about executing arbitrary programs: we are talking about executing the PHP interpreter. It'll be as as secure as PHP and your environment are.

  4. If you are interested in the subject, Google for FastCGI (a CGI implementation with enhanced performance). Many hosting providers use it.

Álvaro G. Vicario  2010-01-14 10:16:49
i tested open_basedir = 'var/home/~/' didn't work. Thank you for your answer. Would you send a helping URL for CGI setup for providing custom php.ini for each user.Last question : I ve heard CGI has some security problems. Is that true ?Thank you again.
ONSC  2010-01-14 10:40:54
Thank you very much.
ONSC  2010-01-14 13:19:45

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases