In response to the post found at:
http://marc.theaimsgroup.com/?l=php-general&m=104913671122253&w=2
I would like to use open_basedir to stop users from reading the contents
of system files, while using include/require to let users take advantage
of scripts that I have created. These scripts have DB passwords which
I would like to keep secret. While they are outside of the Apache
document root, this post states "include() must be relative to one
of the directories listed in open_basedir". This would allow users,
knowing the name of the script, to read its contents with an fopen().
As there are many ways to skin small mammals, what security mechanisms
are there in place to prevent this from happening? Are there any other
approaches I can take to solve this problem? I think, ultimately,
what I am asking for is a way to allow access for the php interpreter
to parse the file (with include) while disallowing access to open the
file for reading with fopen).
Thank you for taking the time to read this. I would be very grateful
to hear any experiences and suggestions the users of this list may have.
Sincerely,
Adam
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
