below a correct open_basedir restriction but why can fopen() create this file outside the basedir and after that the restriction is active?
this means in other words: fopen() can empty files outside the basedir if their permissions are open enough Sep 27 10:53:26 open_basedir restriction in effect. File(/tmp/rhcsvz8QeBL) is not within the allowed path(s): (/etc/httpd/conf/panel:/Volumes/dune/www-servers/phpincludes:/usr/share/pear) Sep 27 10:53:26 PHP Warning: fopen(/tmp/rhcsvz8QeBL): failed to open stream: Operation not permitted in /Volumes/dune/www-servers/phpincludes/global_rh_csv.inc.php on line 2 [root@arrakis:~]$ stat /tmp/rhcsvz8QeBL File: „/tmp/rhcsvz8QeBL“ Size: 0 Blocks: 0 IO Block: 4096 reguläre leere Datei Device: 10h/16d Inode: 6310677 Links: 1 Access: (0600/-rw-------) Uid: ( 48/ apache) Gid: ( 48/ apache) Access: 2011-09-27 10:53:26.894004321 +0200 Modify: 2011-09-27 10:53:26.894004321 +0200 Change: 2011-09-27 10:53:26.894004321 +0200
signature.asc
Description: OpenPGP digital signature
