PHP Open Basedir degrades Security (Bonus)

Some hosters use the open_basedir restriction because they think it makes hosting somewhat more secure. Normally it does not: a hoster who needs to enable it often shows that the system is not properly configured with respect to file access rights. A properly configured system would not need PHP to handle restrictions. And open_basedir can often be tricked because of flaws in the implementation, or at least such problems were reported in the past.

Anyway, the funny thing is that a strong source of randomness is often no longer available when those hosters configure the open_basedir restriction: /dev/urandom.

For example, something like WordPress with phpass simply no longer benefits from it if the hoster forgot to allow access to it.
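As an added example (not from the original post), this PHP CLI script reads /dev/urandom the way a userland library would, first with the device listed in open_basedir and then with a web-root-only restriction. The temporary directory stands in for a customer's web root, and the function names are hypothetical.

```php
<?php
// Added diagnostic, not from the original post. Run with the PHP CLI.

/** Try to read $n bytes from the device the way a userland library would. */
function probe_urandom(int $n = 16, string $dev = '/dev/urandom'): array
{
    $bytes = '';
    // '@' hides the open_basedir warning; a blocked path just looks unreadable.
    if (@is_readable($dev) && ($fh = @fopen($dev, 'rb'))) {
        stream_set_read_buffer($fh, 0);   // do not buffer more than requested
        $bytes = (string) fread($fh, $n);
        fclose($fh);
    }
    return [
        'open_basedir' => ini_get('open_basedir') ?: '(unset)',
        'got_bytes'    => strlen($bytes),
        'source'       => strlen($bytes) === $n ? 'urandom' : 'fallback needed',
    ];
}

/** Print one result line for the restriction currently in effect. */
function report(string $label): void
{
    $r = probe_urandom();
    printf(
        "%-16s open_basedir=%s -> %s (%d bytes)\n",
        $label,
        $r['open_basedir'],
        $r['source'],
        $r['got_bytes']
    );
}

// Stand-in for a customer's web root (assumption for this demo).
$docroot = sys_get_temp_dir();

// 1. Restriction that also lists the random device.
ini_set('open_basedir', $docroot . PATH_SEPARATOR . '/dev/urandom');
report('device listed:');

// 2. Web root only. Runtime changes may only narrow the restriction,
//    which is why the permissive case has to run first.
ini_set('open_basedir', $docroot);
report('web root only:');
```

On a Linux host the second case reports that a fallback is needed, which is the situation the post describes; listing /dev/urandom in the hoster's open_basedir value restores access.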

In for the security or in for the obscurity?

via: #12148
