PHP Safe_mode
Jun 21, 2007Does anyone know if PHP safe_mode can be enabled on a per user basis?
View 9 Replies
ADVERTISEMENT
Open_basedir , Safe_mode
Feb 1, 2008when I make open_basedir effect in whm > security center
I have in my script this problem :
Warning: tempnam() [function.tempnam]: open_basedir restriction in effect. File() is not within the allowed path(s): (/home/xxxx/:/usr/lib/php:/usr/local/lib/php:/tmp) in /admincp/misc.php on line 685Warning: fwrite(): supplied argument is not a valid stream resource in /admincp/misc.php on line 688Warning: fclose(): supplied argument is not a valid stream resource in /admincp/misc.php on line 689
when I disable it I have this other one problem :
Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 32010 is not allowed to access /tmp/vbthumbLTfVOk owned by uid ..
Disabling Safe_mode In My Account
Mar 1, 2008i have a dedicated server wich has safe_mode ON.
i run a joomla portal and i am having issues regarding uploading new modules and stuff like that.. i know that the solution is disabling the safe_mode
i have tried using a customized php.ini but it didnt work... what else can i try?
CURLOPT_FOLLOWLOCATION Cannot Be Activated When In Safe_mode
Jun 13, 2008i get an error message for a site im trying to build.
id like to know if there are scripts i can upload myself to turn off safe mode and to sto the base dir thing.
i understand this can be done in php.ini and htaccess.
Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/g/public_html/term-sample.php on line 58
Enable Safe_mode For Particular Account
Dec 3, 2007how i can disable safe mode for 1 account .... i have the fallowing info system :
php 5.2.5
apche 2.2
suphp
i have search in the httpd.conf and i found this
Code:
ServerName xxxx.com
ServerAlias www.xxxx.com xxxxx.com
DocumentRoot /home/xxxxx/public_html
ServerAdmin webmaster@***********
UseCanonicalName Off
TransferLog /usr/local/apache/domlogs/xxxx.com
CustomLog /usr/local/apache/domlogs/xxxx.com-bytes_log "%{%s}t %I .
%{%s$
## User sansnom # Needed for Cpanel::ApacheConf
UserDir disabled
UserDir enabled xxxxxxx
<IfModule mod_suphp.c>
suPHP_UserGroup xxxxx xxxxx
</IfModule>
<IfModule concurrent_php.c>
php4_admin_value open_basedir "/home/xxxx:/usr/lib/php:/usr/php4/lib$
php5_admin_value open_basedir "/home/xxxx:/usr/lib/php:/usr/local/li$
</IfModule>
<IfModule !concurrent_php.c>
<IfModule mod_php4.c>
php_admin_value open_basedir "/home/xxxxx:/usr/lib/php:/usr/php4/$
</IfModule>
<IfModule mod_php5.c>
php_admin_value open_basedir "/home/xxxxx:/usr/lib/php:/usr/local$
</IfModule>
<IfModule sapi_apache2.c>
php_admin_value open_basedir "/home/xxxxx:/usr/lib/php:/usr/php4/$
</IfModule>
</IfModule>
<IfModule !mod_disable_suexec.c>
SuexecUserGroup xxxxxx xxxxxx
</IfModule>
ScriptAlias /cgi-bin/ /home/xxxxxx/public_html/cgi-bin/
in wich part chould i add the commande line to disable the safe mode?
How Can Custom Safe_mode / Register_globals For An Account
Dec 10, 2008How can custom safe_mode / register_globals for an account?
Hi,
I have with CentOS 5.2 + cPanel/WHM. For security i edited suphp.conf and force all users use my main php.ini config:
[phprc_paths]
application/x-httpd-php=/usr/local/lib/
;application/x-httpd-php4=/usr/local/php4/lib/
application/x-httpd-php5=/usr/local/lib/
Now i wanna turn on register_globals and turn off safe mode for an account, how can i do that?
How To Stop This Attack [Bypass Safe_mode & Openbase Dir]
Feb 6, 2008Recently, some of our Linux/cPanel servers got hacked (not rooted) by using the following code (method)
#!/usr/bin/perl
symlink ("/home/USER/config.php","/home/USER2/test.txt");
The hacker just execute the perl file , and then he called the "test.txt" file through internet explorer , and its done , he can read the file easily !
We tried to :
1- run php as CGI module.
2- run SUPHP module.
3- run php as apache module.
4- enable open_basedir and safe_mode.
But the hacker still can bypass the system!
the only solution is to disable /usr/bin/perl , chmoded it to 700 . but thats caused a broken cpanel!
as it requires it to be at 755 for proper operation, since it is used by customers as well when it suexec into the user when they log into cPanel. and so we cannot change it to that setting (700), since it breaks the entire system.
So is there any way to stop the "symlink" perl function?
any way to stop this attack method?