open_basedir blank in lsws but correct in httpd

Discussion in 'General' started by aww, Sep 10, 2011.

  1. aww

    aww New Member

    Under cpanel they have this set in the httpd.conf template

    /var/cpanel/templates/apache2/vhost.default

    php_admin_value open_basedir "[% vhost.homedir %] etc.

    and it works in apache - under phpinfo it correctly shows the open_basedir restriction

    but when lsws is running

    open_basedir no value

    the php.ini does not have any overrides, it's commented out

    any suggestions where I should begin looking for the problem?

    it is possible I complied PHP with a missing option to obey the apache env ?

    OH - maybe it's this http://www.litespeedtech.com/support/forum/showpost.php?p=27586&postcount=23

    what can I do about
    Code:
    <IfModule concurrent_php.c>
    then?
    Last edited: Sep 10, 2011
  2. aww

    aww New Member

    Yup that was the problem,

    why doesn't litespeed obey?

    <IfModule !concurrent_php.c>

    I had to move the basedir outside of that structure for it to work

    I hope cpanel doesn't override that with it's future upgrades.

    I guess litespeed cannot qualify any of the conditionals?
    Code:
        <IfModule concurrent_php.c>
            php4_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/ph$
            php5_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/local/lib/php:/tmp"
        </IfModule>
        <IfModule !concurrent_php.c>
            <IfModule mod_php4.c>
                php_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib$
            </IfModule>
            <IfModule mod_php5.c>
                php_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/local/lib/php:/tmp"
            </IfModule>
            <IfModule sapi_apache2.c>
                php_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib$
            </IfModule>
        </IfModule>
    
    Note that this means suddenly there are a whole bunch of people running litespeed under cpanel who no longer have the open_basedir protection they thought they had working previously. It's a silent fail. I'd call that a big security problem that litespeed might get blamed for.
    Last edited: Sep 10, 2011
  3. mistwang

    mistwang LiteSpeed Staff

Share This Page