Home About Articles Contact Library Projects

Consortium News

Fri, 20 Oct 2006
PHP Security Consortium Launches New Project - PHPSecInfo

Wed, 16 Nov 2005
Daniel Convissor Elected as Principal

Promotional Links

Please support us by providing a link to the PHP Security Consortium on your web site. You can also use our promotional image:

PhpSecInfo Test Information

open_basedir

Test Description

Checks if the open_basedir setting is enabled.

Security Implications

open_basedir limits the PHP process from accessing files outside of specifically designated directories.

Remember this setting will only affect PHP scripts. Applications written in other languages (Perl, Python, Ruby, etc.) will not be affected.

Recommendations

Set open_basedir to only allow access to required portions of the filesystem, like your web site's documents and any shared libraries.

You can set open_basedir in the php.ini file:

; Set open_basedir to the 
open_basedir = "/var/www/foo.bar/:/usr/local/php/"

The setting can also be applied in apache's httpd.conf file, or an .htaccess file:

# Set open_basedir to a safe location
php_value    open_basedir    /var/www/foo.bar/:/usr/local/php/

More Information

PHP.net manual: open_basedir

« Test information index

Get PhpSecInfo

Download Now »

Version: 0.2.1 20070406
md5 hash

Documentation

Mailing List »

Screenshots:

PhpSecInfo screenshot

PhpSecInfo screenshot