On Wed, Jan 18, 2006 at 08:13:00PM -0600, Graham Frank wrote: > I am trying to restrict a open_basedir to the document root of the domain. > So I have the following in httpd.conf. > > <Location /> > php_admin_value open_basedir / > </Location> open_basedir takes a filesystem path, that directive has no effect at all. open_basedir itself is not a reliable security barrier in any case, see http://www.php.net/security-note.php. joe --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|