From b6028e4d49a8e766290096575c80298c2ae2eab5 Mon Sep 17 00:00:00 2001
From: Thierry Parmentelat <thierry.parmentelat@inria.fr>
Date: Tue, 11 Dec 2012 17:52:03 +0100
Subject: [PATCH] set open_basedir in php.ini to stop leaks thanks to Ciro &
 Mike

---
 plc.d/httpd | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/plc.d/httpd b/plc.d/httpd
index 94b4e18..3d21644 100755
--- a/plc.d/httpd
+++ b/plc.d/httpd
@@ -56,6 +56,10 @@ case "$1" in
 	include_path=".:$DocumentRoot/planetlab/includes:$DocumentRoot/plekit/php:$DocumentRoot/generated:/etc/planetlab/php:/usr/share/plc_api/php"
 	sed -i -e "s@[;]*include_path = \"\.:.*\"@include_path = \"$include_path\"@" $php_ini
 
+	# Set open_basedir so as to avoid leaks
+	open_basedir="$DocumentRoot:/etc/planetlab/php:/usr/share/plc_api/php:/var/log/myslice:/var/tmp/bootmedium:/tmp"
+	sed -i -e "s@[;]*open_basedir =.*@open_basedir = \"$open_basedir\"@" $php_ini
+	
 	# for php-5.3 under fedora12, otherwise issues tons of warning messages
 	# Set timezone in php.ini if not already there
 	if grep '^;date.timezone' $php_ini >& /dev/null; then
-- 
2.47.0