On 11/05/2019 08:53, Niklas Keller wrote:
That's exactly the reason why I'm for removing it. There will always
be ways to circumvent open_basedir and setups like this are insecure.
It gives a false sense of security. It's not better than nothing,
because most hosting providers would opt for a real solution instead
of leaving users entirely unprotected.
What's your solution then? I'll be more than happy to have anything
better that will work with thousands of users:)
Solutions that work at the OS level have been suggested in this
thread. It's not my job figuring out a solution that works better for
your business at scale.
Suggested, but that falls short of providing a solution for those users
who may well not even be aware it is being used. When one hits a
deprecation warning there should be a reasonable set of instruction to
go with it offering an alternative. It SHOULD also be recognised that
many users will not actually have any control over the OS level and
being able to wrap different applications running in ones own shared
hosting to protect one's own operation IS one of the useful features
open_basedir provides? Having to create different hosting accounts to
achieve that seems somewhat insane?
https://uk.godaddy.com/help/can-i-use-open-basedir-on-my-server-running-parallels-plesk-panel-1619
is an example of one hosting providers use of it and something which
would probably require every host to rework their support crib sheets :(
--
Lester Caine - G8HFL
-----------------------------
Contact - https://lsces.uk/wiki/Contact
L.S.Caine Electronic Services - https://lsces.uk
Model Engineers Digital Workshop - https://medw.co.uk
Rainbow Digital Media - https://rainbowdigitalmedia.co.uk
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
