open_basedir and exec problems | General Questions and Support | Forum Archive

The free forums are no longer in use. It remains available as read-only archive.

Avatar
Lost password?
Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
The forums are currently locked and only available for read only access
sp_TopicIcon
open_basedir and exec problems
August 1, 2012
8:46 am
Avatar
vakis
Member
Members
Forum Posts: 5
Member Since:
August 1, 2012
sp_UserOfflineSmall Offline

Hi I am testing Xcloner Standalone V3.0
as well as Xcloner v3.1.1 for joomla 2.5 on joomla2.5.6 and I am
having some issues.

Well, open_basedir is something I have
enabled in php.ini of course. I am allowing only the public directory
and a couple of non-public ones. While I am testing this on an ubuntu
local server before going to the production one and although the
backup is being taken fine, I get errors in the error_log such as
this:

 

[01-Aug-2012 07:32:26 UTC] PHP Warning:
is_file(): open_basedir restriction in effect. File(/media) is not
within the allowed path(s):
(/var/www/clients/client1/web1/web:/var/www/clients/client1/web1/backups)
in /var/www/clients/client1/web1/web/backup-test/cloner.functions.php
on line 1125

 

Noticing that those 100+ error lines
with the ‘open_basedir restriction in effect’ are all about the
/media directory and no other (very weird indeed) and are actually joomla paths such as
this line:

 

[01-Aug-2012 07:32:28 UTC] PHP Warning:
is_file(): open_basedir restriction in effect.
File(/media/mod_languages/images/index.html) is not within the
allowed path(s):
(/var/www/clients/client1/web1/web:/var/www/clients/client1/web1/backups)
in /var/www/clients/client1/web1/web/backup-test/cloner.functions.php
on line 1125

 

The error path should look something
like this:

/var/www/clients/client1/web1/web/media

and not just /media ... anyway, it jsut feels as if xcloner is trying to access
files out of the public directory.

 

What solves it is adding :/media:/tmp
to the open_basedir in php.ini and now I see no errors.

 

But the Php open_basedir: in Info tab
shows the restrictions in red. What I do not understand, is how once
I allow all the public directory (/web) which includes /media
directory I still get error from xcloner and in the very weird way I
described.

 

Most of the admins that would like a
much more secure site would have open_basedir set and I do not
consider asking to have this unset is so wise indeed. Any web
software that I have used so far that does have an
info/testing/area/tab (such as yours and this is good) in order to
test such things, goes 'green' if I allow certain directories the
software needs allowed.

 

Now concerning the exec function which
is also red in xcloner, I do not consider a Joomla site so secure if
it does not have the following line in php.ini

disable_functions = show_source,
system, shell_exec, passthru, exec, phpinfo, popen, proc_open

 

I would like your opinion on all this,
I would appreciate your reply.

Your software amazed me at first but I
got to this point that it stressed me.

Thank you

August 2, 2012
1:11 pm
Avatar
Ovidiu Liuta
Admin
Forum Posts: 2484
Member Since:
September 26, 2010
sp_UserOfflineSmall Offline

Could you post here some screenshots from your XCloner current Config? Make sure you are using full server paths to define the Backup Start Path and Backup Store Path options....

 

Ovidiu

August 2, 2012
1:59 pm
Avatar
vakis
Member
Members
Forum Posts: 5
Member Since:
August 1, 2012
sp_UserOfflineSmall Offline

yes just give me a moment to upload the screenshots

August 2, 2012
2:10 pm
Avatar
vakis
Member
Members
Forum Posts: 5
Member Since:
August 1, 2012
sp_UserOfflineSmall Offline

unfortunately although I have created 7 screen shots I cannot upload even 1. The feature in the editor here doesn't work :/

August 2, 2012
2:20 pm
Avatar
vakis
Member
Members
Forum Posts: 5
Member Since:
August 1, 2012
sp_UserOfflineSmall Offline

ok it worked using google chrome, has a problem in firefox. anyway

here are my settings:

 

Image Enlarger

 

Image Enlarger

 

Image Enlarger

 

Image Enlarger

 

Image Enlarger

 

Image Enlarger

 

 

But notice what happened actually, using the ftp client, the filenzise is not the same at all.

 

Image Enlarger

 

..downloaded it, and here are it's contents. dir administrator/backup/index.html only inside:

 

Image Enlarger

August 2, 2012
8:45 pm
Avatar
Ovidiu Liuta
Admin
Forum Posts: 2484
Member Since:
September 26, 2010
sp_UserOfflineSmall Offline

I would advise disabling the open_basedir option, or try to set it up on directory below the web/ main folder and see if it helps...

 

Ovidiu

August 3, 2012
4:24 am
Avatar
vakis
Member
Members
Forum Posts: 5
Member Since:
August 1, 2012
sp_UserOfflineSmall Offline

Well, in case you believe me, I have, on the local server, and the results are the same, no need for screenshots for this to prove right ?

And just because I do not take your answer as a serious one, once asking to disable open_basedir is like asking one to take all the doors and windows of his house off, I would advice you to recheck your code and find alternatives to do what you do. This reminds me of web developers asking the admins to cmod 777 for their app to work.

You should respect people and their work more, and learn a little bit more about web server security.

 

Forum Timezone: America/Chicago
Most Users Ever Online: 867
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
mlguru: 30
Django29: 29
Andy: 21
D: 21
Marcus: 20
Jamie F: 19
Member Stats:
Guest Posters: 738
Members: 10030
Moderators: 2
Admins: 3
Forum Stats:
Groups: 3
Forums: 7
Topics: 2397
Posts: 8236
Newest Members:
Emmanuel Joachim
Moderators: TriP: 0, Steve Burge: 0
Administrators: Ovidiu Liuta: 2484, Victor Drover: 1, Valentin Barbu: 0