open_basedir leaking between virtual hosts
From: Chris Ritson (C.R.Ritson_at_ncl.ac.uk)
Date: 02/23/05
- Next message: JDS: "Re: what is error in this line of code?"
- Previous message: Matthew Crouch: "update"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 23 Feb 2005 14:39:08 +0000 (UTC)
I am setting open_basedir to include only the DocumentRoot and PHP
installation tree in 16 out of 18 VirtualHosts on our (test) apache
server. This is running apache 2.0.53 and PHP 5.0.3. If I force a
graceful restart, then fetch a trivial PHP page containing little more
than a single call to phpinfo(); from each host, I get the correct
value reported for open_basedir from the first few requests, then the
value seems to cycle round the value expected for the first 5
VirtualHosts - I presume that each pre-forked process that apache uses
is hanging on to its value of open_basedir even though it is next used
to serve a page from a different VirtualHost.
This appears to have been reported many times in previous versions of
PHP and has always been classified as a bogus error report, so I hope
it is simpy a configuration error on my part. Can anybody suggest where
to look?
Configuration details follow...
T.I.A. Chris Ritson.
Apache configured with:-
./configure --prefix=${PREFIX}/httpd/${vHTTPD} \
--enable-layout=Apache \
--enable-modules="so" \
--enable-mods-shared="ssl,rewrite,auth_digest,dav"
PHP configured with:-
./configure --prefix=${PREFIX}/php/${vPHP} \
--with-config-file-path=${PREFIX}/php \
--with-apxs2=${APACHE}/bin/apxs \
--with-pear \
--with-dom=/usr/lib \
--with-ldap \
--with-mysql=${MYSQL} \
--with-gd \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir=/usr/lib \
--with-xpm-dir \
--with-ttf \
--with-freetype-dir=/usr/lib \
--enable-gd-native-ttf
Apache httpd.conf typically contains the following for each
VirtualHost. The LoadModule for php is outside all VirtualHost blocks.
<VirtualHost *:80>
ServerAdmin cs-webmaster@ncl.ac.uk
DocumentRoot /export/web/parallelism
ServerName www.parallelism-test.cs.ncl.ac.uk
ErrorLog /var/log/www/parallelism.cs-error_log
CustomLog /var/log/www/parallelism.cs-access_log common
php_admin_value open_basedir
/export:/export/web/parallelism:/addon/local/php
php_admin_flag safe_mode off
</VirtualHost>
php.ini contains
open_basedir = none
Thanks for reading the rest...
Chris Ritson (Computing Officer and School Safety Officer)
Rm 618, Claremont Bridge, EMAIL: C.R.Ritson@ncl.ac.uk
School of Computing Science, PHONE: +44 191 222 8175
University of Newcastle, FAX : +44 191 222 8232
Newcastle on Tyne, UK NE1 7RU. http://www.cs.ncl.ac.uk/
- Next message: JDS: "Re: what is error in this line of code?"
- Previous message: Matthew Crouch: "update"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
