open_basedir blank in lsws but correct in httpd

Discussion in 'General' started by aww, Sep 10, 2011.

  1. aww

    aww Well-Known Member

    Under cpanel they have this set in the httpd.conf template

    /var/cpanel/templates/apache2/vhost.default

    php_admin_value open_basedir "[% vhost.homedir %] etc.

    and it works in apache - under phpinfo it correctly shows the open_basedir restriction

    but when lsws is running

    open_basedir no value

    the php.ini does not have any overrides, it's commented out

    any suggestions where I should begin looking for the problem?

    it is possible I complied PHP with a missing option to obey the apache env ?

    OH - maybe it's this http://www.litespeedtech.com/support/forum/showpost.php?p=27586&postcount=23

    what can I do about
    Code:
    <IfModule concurrent_php.c>
    then?
     
    Last edited: Sep 10, 2011
  2. aww

    aww Well-Known Member

    Yup that was the problem,

    why doesn't litespeed obey?

    <IfModule !concurrent_php.c>

    I had to move the basedir outside of that structure for it to work

    I hope cpanel doesn't override that with it's future upgrades.

    I guess litespeed cannot qualify any of the conditionals?
    Code:
        <IfModule concurrent_php.c>
            php4_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/ph$
            php5_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/local/lib/php:/tmp"
        </IfModule>
        <IfModule !concurrent_php.c>
            <IfModule mod_php4.c>
                php_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib$
            </IfModule>
            <IfModule mod_php5.c>
                php_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/local/lib/php:/tmp"
            </IfModule>
            <IfModule sapi_apache2.c>
                php_admin_value open_basedir "[% vhost.homedir %]:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib$
            </IfModule>
        </IfModule>
    
    Note that this means suddenly there are a whole bunch of people running litespeed under cpanel who no longer have the open_basedir protection they thought they had working previously. It's a silent fail. I'd call that a big security problem that litespeed might get blamed for.
     
    Last edited: Sep 10, 2011
  3. mistwang

    mistwang LiteSpeed Staff

Share This Page