php: open_basedir and /dev/urandom
Question
Calling the Pear Mail class in some instances automatically attempts to read /dev/urandom , however access is restricted due to an open_basedir setting. Is it safe to add /dev to open_basedir ? Or is there a better way around this?
2 answers
solution1
1 2008-10-25 20:35:11
Do you trust everyone who will be writing PHP for your server? If not, then adding /dev to open_basedir is probably a bad idea.
As for why, the only reason I can think of for why random numbers would be needed is if you are trying to start an SSL connection with an SMTP server. Are you trying to use SSL?
solution2
0 2019-02-05 16:52:36
Empirical testing (in PHP 7.1.18) shows you can add /dev/urandom to open_basedir to allow access to only that 'device' (provided there is no trailing slash, ie not /dev/urandom/ ). More generally, you can allow access to specific files within a directory without allowing access to the directory itself, other files within it, or subdirectories.
I don't know if this (apparently undocumented) feature was present in PHP at the time the question was asked.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.