UID/GID checks are bypassed when including files from this directory and its subdirectories (directory must also be in include_path <cid:[EMAIL PROTECTED]> or full path must including).
As of PHP 4.2.0, this directive can take a *semi-colon separated path* in a similar fashion to the include_path <cid:[EMAIL PROTECTED]> directive, rather than just a single directory.
Robert Mena wrote:
Hi, I host some virtual servers in a Linux/apache/php 4 enviroment.
I'd like to set up as secure as possible since the users have ftp access to upload files.
So each virtual domain has a safe_mode/open_basedir settings in order to make it difficult to mess with each other's files.
Unfortunatelly this seems to have a side effect. Whenever I need to provide tools/classes such as
Jpgraph, Smarty and so on I have to copy to the user's
directory since the include_path could not reach
outside the document root/open_basedir directory.
So, is there a way to configure so I have a "secure" enviroment and yet be able to define a common repository.
Regards.
__________________________________________________ Do you Yahoo!? Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop! http://platinum.yahoo.com
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
