ID: 22181 Comment by: creinig at sunsite dot dk Reported By: dragos dot nitu at idilis dot ro Status: Open Bug Type: Feature/Change Request PHP Version: 4.3.0 New Comment:
Similar problem here: We want to use php with apache2 (mpm_worker) via fastcgi for a shared hosting setup. One solution to securing this is to use mod_suexec to create a separate pool of php instances per virtualhost. But that's eating tons of RAM. If open_basedir (and if possible also safe_mode_include_dir, safe_mode_exec_dir, include_path and upload_tmp_dir) would accept wildcards as described in the original requets, it would be possible to securely use one pool of php instances for all vhosts. Previous Comments: ------------------------------------------------------------------------ [2003-02-12 00:30:52] dragos dot nitu at idilis dot ro In apache, using nameserver based mass virtual hosting, I can't set open_basedir per user/virtual host basis. Solutions like php_admin_value .:/usr/lib/php didn't work for all users (../include). The solution that I think of is to set open_basedir to something like ".:/var/www/*/:/usr/lib/php", where '*' will be replaced by the coresponded directory from the script path. For example '/var/www/www.site.com/forum/index.php' should have open_basedir '/var/www/www.site.com/'. I made an 'works for me patch' available here: ftp://ftp.idilis.ro/linux/idilis/basedir.patch However it wold be nice if this feature would be included in future php versions. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=22181&edit=1
