BusinessGuy
Reputation: 33
PHP-FPM open_basedir vs chroot
From what I've seen chroot does the same as open_basedir except it also completely breaks a few PHP functions unless some trickery is made. Why do tutorials still use chroot instead of open_basedir? Is there a security implication to using the latter?
Thanks
Upvotes: 0
Views: 672
Answers (1)
LipeDjow
Reputation: 21
Yes, there's a security implication.
open_basedir is a PHP implementation of chroot, so it's only applied on php scripts I/O. It will not be applied to system calls, i.e: system(), exec(), etc
Upvotes: 2
Related Questions
- How to run php-fpm as root
- Difference between apache vs fpm in PHP Docker image?
- Make PHP-FPM a drop-in replacement for PHP-CLI
- Using PHP-FPM inside a PHP process
- PHP7 cli vs php-fpm
- Apache + PHP-FPM + chroot results “File not found.” error
- PHP-FPM and CHROOT
- Exec with PHP-FPM on nginx (under chroot) returns nothing
- Call chroot in PHP
- What system files need to be in a jailed environment for php-fpm to function properly on ubuntu?