Dolibarr / dolibarr-docker

Official Dolibarr docker images. Based on the work of Garcia MICHEL (tuxgasy)
https://hub.docker.com/r/dolibarr/dolibarr
GNU General Public License v3.0

bug? PHP open_basedir in dolibarr v20 image #10

Open JonBendtsen opened 1 month ago

JonBendtsen commented 1 month ago

From Home, Admin Tools, about security /admin/system/security.php?mainmenu=home&leftmenu=admintools

PHP open_basedir =  No   (Recommended: Some restricted path for data files, Example: /var/www/html,/var/www/documents)

Probably should be restricted

JonBendtsen commented 1 month ago

/usr/local/etc/php/php.ini

; open_basedir, if set, limits all file operations to the defined directory
; and below.  This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file.
; Note: disables the realpath cache
; https://php.net/open-basedir
;open_basedir =

JonBendtsen commented 1 month ago

But we could also set it in the apache configuration

https://stackoverflow.com/questions/13291185/how-to-set-for-specific-directory-open-basedir

It is probably easier in the Dockerfile to have a sed line that modifies /usr/local/etc/php/php.ini than to add an extra line to /etc/apache2/sites-enabled/000-default.conf

JonBendtsen commented 1 month ago

1. method could possibly be to create a /etc/apache/mods-enabled/php.conf file.

I did, with the contents 'php_admin_value open_basedir "/var/www"'

and guess what - I could no longer log in :-(

so that value is probably wrong :-(
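
The last comment reports that open_basedir "/var/www" broke login. As an added example (not code from this repository or from the commenter), the shell sketch below lists which paths a candidate open_basedir value would leave outside the allowed set. The /tmp session directory and the sample paths are assumptions, and the thread does not establish that this caused the failed login.

```shell
#!/bin/sh
# Added example, not part of dolibarr-docker. This sketch treats every
# colon-separated open_basedir entry as a directory: the entry itself and
# everything below it counts as allowed. Paths must already be resolved
# (no "..", no symlinks), because PHP checks the real path.

# is_allowed BASEDIR_LIST PATH -> status 0 if PATH lies inside one entry
is_allowed() {
    list=$1
    path=${2%/}                      # ignore one trailing slash
    old_ifs=$IFS
    IFS=:                            # Unix separator for open_basedir
    for entry in $list; do
        [ -n "$entry" ] || continue
        entry=${entry%/}             # "/" becomes "", which matches any path
        case "$path" in
            "$entry"|"$entry"/*) IFS=$old_ifs; return 0 ;;
        esac
    done
    IFS=$old_ifs
    return 1
}

# blocked_paths BASEDIR_LIST PATH... -> prints each PATH outside the list
blocked_paths() {
    list=$1
    shift
    for p in "$@"; do
        is_allowed "$list" "$p" || printf '%s\n' "$p"
    done
}

# Constructed sample. /var/www/html and /var/www/documents come from the
# Dolibarr hint quoted in the issue; /tmp is an ASSUMED session/upload
# directory (PHP uses the system temp dir when session.save_path is empty).
# In a running container the real values can be read with, for example:
#   php -r 'echo ini_get("session.save_path"), "\n", sys_get_temp_dir(), "\n";'
CANDIDATE="/var/www"
echo "Outside open_basedir=$CANDIDATE:"
blocked_paths "$CANDIDATE" /var/www/html /var/www/documents /tmp
```

Any path the script prints has to be added to the open_basedir list or moved under an allowed directory before the restriction is enabled.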