The reason why I would want to play with settings in php.ini or/and
httpd.conf often is because everytime I modify those config files I MUST
restart apache in order for changes to take place, meaning I will have
DOWNTIME. Now imagine hundreds of new accounts added per day to your
hosting machine, that means the webserver will end up getting restarted
hundreds of times... Hundreds of seconds per day add up to minutes of
downtime... and as we all know downtime is something everyone tries to
avoid at all costs.That's a good point. But this implementation still doesn't seem very
slick to me. What about something like:open_basedir = /var/www/{user}/public_html
That's a great way of doin it too, Rasmus.
virtual_root_level might not be very slick, however, it was the
simplest/easier way to solve the problem I was able to up with at the
time.
Where {user} would map to the owner of the script being executed. Other
things that might be supported as well: {group}, {regex:a.*$}, {host}
and probably other things as well. I haven't thought through this very
much yet, but that seems like a more flexible approach to this problem.
the beauty of open source... ;)
Cheers,
Boulat.
-Rasmus