Reputation: 21
Can I use open_basedir or is it deprecated?
Excuse me in advance for the strange question :-)
I'm using the last stable php version, and I want to "jail" php scripts. (I tried to chroot, but it is boring.
I would like to use open_basedir directive on php.ini, but I don't know with it's deprecated or not. I searched on Google and 99% times the page redirect to http://php.net/manual/en/features.safe-mode.php (DEPRECATED).
So my question is, Can I use this directive or not? is it sure?
Thank you really much
Upvotes: 0
Views: 1406
Answers (3)
Reputation: 29462
There is nothing about this directive being deprecated. But restricting directory access with this does not prevent other people to see someone else code (ex using shell_exec and cat). So I would suggest to disable all functions that allows external program execution or use patch for php to allow only trusted executables from specified directory http://www.kyberdigi.cz/projects/execdir/english.html
On a side note, jail chroot is not boring, it's exciting considering how much work it requires to get all running ;)
Upvotes: 0
Reputation: 4621
From http://www.php.net/manual/en/ini.core.php#ini.open-basedir, so this feature doesn't rely on safe_mode.
This directive is NOT affected by whether Safe Mode is turned On or Off.
Upvotes: 3
Reputation: 48357
PHP Safe Mode is deprecated. open_basedir is NOT deprecated. There is a lot of overlap between what these constructs address.
Upvotes: 3
Related Questions
- PHP open_basedir with UNC path
- How can I relax PHP's open_basedir restriction?
- What should my open_basedir path be set as?
- PHP open_basedir
- PHP: open_basedir allowed path
- PHP open_basedir - to return value?
- How to setup open_basedir in PHP for Joomla
- What is this Magento open_basedir issue all about?
- What is the use of open_basedir in PHP and how does it work?
- open_basedir globally