PHP open_basedir security setting

Currently the PHP open_basedir security setting can’t be automatically set when creating a virtual server. This means that by default PHP can access every file on the file system, see

It would be great if the open_basedir path could be automatically set to the home directory of the user when a virtual server is created. So the user doesn't have to do this by hand after the virutal server has been created, which is of course error prone.

Closed (fixed)


Howdy -- this is actually something you can do if you wanted. You can set a php.ini template to use in System Settings -> Server Templates -> Default -> Apache Website.

What you could do there is setup a template, and within that template, you can use variables to set open_basedir to the homedir (I believe you would just need ${HOME} for that, but check the help text for that option for additional information).

Thanks, that basically does the job for setting the open_basedir setting.

Currently the php.ini template is copied to the user directory (${HOME}/etc/php.ini). Is there a way I can use /etc/php5/cgi/php.ini as the default configuration and parse ${HOME}/etc/php.ini as an additional php.ini file? This way we can change the default settings for all virtual hosts.

edit: Created a separate ticket for this:

Status: Active » Closed (fixed)