httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Graham Frank" <>
Subject [users@httpd] php_admin_flag question
Date Thu, 19 Jan 2006 02:13:00 GMT

I am trying to restrict a open_basedir to the document root of the domain.
So I have the following in httpd.conf.

<Location />
  php_admin_value open_basedir /

That isn't working.  I've tried it using <Directory /> as well.  I'm still
able to fopen("/etc/passwd");  How could I make it so that a person in say
/home/username/ can only include from /home/username/
and not /etc/passwd (for example)?  I would turn on safe_mode, but files are
uid:gid the client's FTP account while apache doesn't suexec to their
username and runs httpd:httpd.


Graham Frank
Neoservers LLC (
Founder and Owner

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message