Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:8612
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Date: Fri, 19 Mar 2004 10:10:10 -0800 (PST)
To: boulat@funio.com
cc: internals@lists.php.net
In-Reply-To: <61700.66.158.132.127.1079718509.squirrel@www.funio.com>
Message-ID: <Pine.LNX.4.58.0403191007010.2205@thinkpad.lerdorf.com>
References: <61700.66.158.132.127.1079718509.squirrel@www.funio.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Subject: Re: [PHP-DEV] new security related directive for php-4.3.4
From: rasmus@php.net (Rasmus Lerdorf)

So if your script is:

  /path1/path2/path3/foo.php

And your virtual_root_level is set to 2 then foo.php will be able to open 
files anywhere under /path1/path2

How is that different from simply setting open_basedir to /path1/path2 ?

Is it because you have a bunch of different paths for every user and you 
don't want to add all these to your open_basedir list?  It seems a bit 
fishy to me.  There is nothing wrong with have vhost-specific open_basedir 
settings.

-Rasmus


On Fri, 19 Mar 2004 boulat@funio.com wrote:

> Hi internals,
> 
> I added "virtual_root_level" new security related directive
> into php-4.3.4.
> 
> Full description with the patch can be found in here
> 
> http://www.boulat.net/projects/virtual_root_level/
> 
> Some feedback/comments would be appreciated.
> 
> Regards,
> Boulat
> 
> -- 
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>