PHP Security Tweaks
Jeffrey Tadlock
linux at elfshadow.net
Sun May 25 17:19:11 UTC 2008
On Sat, May 24, 2008 at 10:18 PM, Jeffrey Tadlock <linux at elfshadow.net> wrote:
> 'open_basedir' is causing issues with the user's page (i.e. clicking
> the jeffreyt link at the top of the page), when it is enabled it just
> goes to a blank page. The same happens with the Infrastructure page
> as well. Everything else seemed to work well with it enabled. I will
> play with that on a vanilla install at home and see what is up with
> that.
I think I have this working now. I needed to add /usr/share/pear to
the open_basedir list. The things I saw broken because of that last
night now appear to be working. It is now enabled on publictest2.
If I am not around and it turns out it is causing issues somewhere
else, you can just comment it out in /etc/php.ini and bounce Apache
and you'll be good to go.
> If something has broken and I missed it, feel free to ping me (iWolf)
> on IRC. If I am not around you can grab the original php.ini file
> from my home directory under the php-sec directory. Just copy it to
> /etc/php.ini and bounce apache and you will be back to the way it was
> before I made the changes. Please let me know if you need to do that
> though, so I can look at it further.
Same applies. I have some garden work to do this afternoon, so if I
am not around, you can copy the original php.ini from my home
directory under the php-sec directory to /etc/php.ini and bounce
apache to be back to the original way it was before I made changes.
Just let me know if you end up needing to do that so I can look at it
further.
Thanks!
Jeffrey
More information about the Fedora-infrastructure-list
mailing list