Section A.10. open_basedir


A.10. open_basedir

The open_basedir directive limits the files that can be opened by PHP to a specific directory. Although not a substitute for proper input filtering, this directive can reduce the likelihood of many attacks that target filesystem functions, as well as include and require.

Its value is a prefix, so be careful to use a trailing slash when you want to indicate a particular directory:

     open_basedir = /path/to/ 

Be sure to disable the enable_dl directive; otherwise, open_basedir restrictions can be circumvented.





Essential PHP Security
Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net