30 Oct
2013
30 Oct
'13
5:11 p.m.
Am 30.10.2013 15:54, schrieb Michael Orlitzky:
On 10/30/2013 09:01 AM, Benny Pedersen wrote:
Michael Orlitzky skrev den 2013-10-28 20:49:
php_admin_value open_basedir /var/www/$domain/$host/ php_admin_value upload_tmp_dir /var/www/$domain/$host/tmp php_admin_value session.save_path /var/www/$domain/$host/tmp php_admin_value sys_temp_dir /var/www/$domain/$host/tmp
so dont create tmp upload dirs in webroot, this is classic way of showing no care
DocumentRoot is /var/www/$domain/$host/public
and so open_basedir should be the same and *not* include "upload_tmp_dir" and "session.save_path", otherwise this all is nonsense from security point of view
and to come back to topic: do *not* install a public webserver on your mailserver - period