Web Servers on Unix and Linux - open_basedir leaking between virtual hosts

This is Interesting: Free IT Magazines  
Home > Archive > Web Servers on Unix and Linux > February 2005 > open_basedir leaking between virtual hosts





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author open_basedir leaking between virtual hosts
Chris Ritson

2005-02-23, 5:58 pm

I am setting open_basedir to include only the DocumentRoot and PHP
installation tree in 16 out of 18 VirtualHosts on our (test) apache
server. This is running apache 2.0.53 and php 5.0.3. If I force a
graceful restart, then fetch a trivial php page containing little more
than a single call to phpinfo(); from each host, I get the correct
value reported for open_basedir from the first few requests, then the
value seems to cycle round the value expected for the first 5
VirtualHosts - I presume that each pre-forked process that apache uses
is hanging on to its value of open_basedir even though it is next used
to serve a page from a different VirtualHost.

This appears to have been reported many times in previous versions of
PHP and has always been classified as a bogus error report, so I hope
it is simpy a configuration error on my part. Can anybody suggest where
to look?

Configuration details follow...

T.I.A. Chris Ritson.

Apache configured with:-
./configure --prefix=${PREFIX}/httpd/${vHTTPD} \
--enable-layout=Apache \
--enable-modules="so" \
--enable-mods-shared="ssl,rewrite,auth_digest,dav"

PHP configured with:-
./configure --prefix=${PREFIX}/php/${vPHP} \
--with-config-file-path=${PREFIX}/php \
--with-apxs2=${APACHE}/bin/apxs \
--with-pear \
--with-dom=/usr/lib \
--with-ldap \
--with-mysql=${MYSQL} \
--with-gd \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir=/usr/lib \
--with-xpm-dir \
--with-ttf \
--with-freetype-dir=/usr/lib \
--enable-gd-native-ttf

Apache httpd.conf typically contains the following for each
VirtualHost. The LoadModule for php is outside all VirtualHost blocks.

<VirtualHost *:80>
ServerAdmin cs-webmaster@ncl.ac.uk
DocumentRoot /export/web/parallelism
ServerName www.parallelism-test.cs.ncl.ac.uk
ErrorLog /var/log/www/parallelism.cs-error_log
CustomLog /var/log/www/parallelism.cs-access_log common
php_admin_value open_basedir
/export:/export/web/parallelism:/addon/local/php
php_admin_flag safe_mode off
</VirtualHost>

php.ini contains

open_basedir = none

Thanks for reading the rest...

Chris Ritson (Computing Officer and School Safety Officer)

Rm 618, Claremont Bridge, EMAIL: C.R.Ritson@ncl.ac.uk
School of Computing Science, PHONE: +44 191 222 8175
University of Newcastle, FAX : +44 191 222 8232
Newcastle on Tyne, UK NE1 7RU. http://www.cs.ncl.ac.uk/



Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com