views:

339

answers:

1

Calling the Pear Mail class in some instances automatically attempts to read /dev/urandom, however access is restricted due to an open_basedir setting. Is it safe to add /dev to open_basedir? Or is there a better way around this?

+1  A: 

Do you trust everyone who will be writing PHP for your server? If not, then adding /dev to open_basedir is probably a bad idea.

As for why, the only reason I can think of for why random numbers would be needed is if you are trying to start an SSL connection with an SMTP server. Are you trying to use SSL?

Glomek
Yes, the pear mail script is connecting to a secure smtp server, so that's where the need for random numbers is coming from. I wonder if i should just remove the open_basedir restriction entirely, I am the only one using this server...
Jay