Welcome to Geeklog, Anonymous Thursday, March 28 2024 @ 07:13 am EDT

Geeklog Forums

media gallery and plesk


Status: offline

gape

Forum User
Full Member
Registered: 05/30/02
Posts: 138
i have few problems with media gallery

as i wrote before
http://www.geeklog.net/forum/viewtopic.php?showtopic=91823&mode=&show=5&page=4
plesk on server vas upgraded to next version (9 i think)
and the gallery has a problem now
(plesk got upgraded few days after i installed geeklog, configured it and installed plugins - so after a week or so i reinstalled on fresh database)

php is configured (to run as) apache module
with
PHP 'safe_mode' on
UNCHECKED

(this is the only way i found i can upload new pictures thru browser)

but i cant access configuration - particularly
System Options

the error is:
Text Formatted Code
2 - file_exists() [function.file-exists]: open_basedir restriction in effect. File(/usr/bin/jhead) is not within the allowed path(s): (/snip/httpdocs:/tmp:/snip/private/snip) @ /snip/httpdocs/admin/plugins/mediagallery/cfgedit.php line 245


line 245:
Text Formatted Code
if ( file_exists( $_MG_CONF['jhead_path'] . $binary ) ) {


in configuration jhead is UNCHECKED
(deleted even the path that was there to /usr/bin)

in line 230 i read:
Text Formatted Code
    if ( ini_get('safe_mode') != 1 && $_MG_CONF['skip_file_find'] ==[b] 0[/b] ) {  // don't check in safe mode, the file_exists() will fail
 

do i want to put this 0 to 1 ?

pls help
 Quote

Status: offline

suprsidr

Forum User
Full Member
Registered: 12/29/04
Posts: 555
Location:Champaign, Illinois
Plesk is a great control panel, but one annoying setting is open_basedir setting enabled by default.
Asking for help over at the parallels forums won't get you the answer either.

What you need to do is add a file vhost.conf to:
/usr/local/www/vhosts/yoursite.com/conf
or
/var/www/vhosts/yoursite.com/conf
whichever for your server setup
contents:
Text Formatted Code

<Directory  /usr/local/www/vhosts/yoursite.com/httpdocs>
DirectoryIndex at_domains_index.html index.php index.html index.htm
php_admin_value open_basedir none
</Directory>
 

making sure the <Directory path is correct for your site.
then restart apache

unfortunately you have to do this for each site you create. You can add the file to your skeleton, but you'll still need to edit.

-s
FlashYourWeb and Your Gallery with the E2 XML Media Player for Gallery2 - http://www.flashyourweb.com
 Quote

Status: offline

gape

Forum User
Full Member
Registered: 05/30/02
Posts: 138
ty 4 the sugestion

but is its such a security hole (risk) that the owner of the server found me an error and how to get rid of it

/snip/plugins/mediagallery/config.php:$_MG_CONF['skip_file_find'] = 0;
// If you have openbasdir restriction errors set this to 1

Razz

must remember to go and check config files (since most config files were transfered to database i tend to forget that i can override any setting there)



furthermore

noone is advised to follow the example that u gave
couse ALL server is accessible to php if u disable open_basedir
 Quote

Status: offline

suprsidr

Forum User
Full Member
Registered: 12/29/04
Posts: 555
Location:Champaign, Illinois
noone is advised to follow the example that u gave
couse ALL server is accessible to php if u disable open_basedir


You are wrong sir.

open_basedir is the lazy man's security and is an extremely poor implementation of any security model.
IMHO is should never be the included in any layer of defense.

-s
FlashYourWeb and Your Gallery with the E2 XML Media Player for Gallery2 - http://www.flashyourweb.com
 Quote

Status: offline

gape

Forum User
Full Member
Registered: 05/30/02
Posts: 138
xaxaxa
ok
will let him know
RazzPPP

(but i agree with previously stated - when u host servers for others they might install strange php code on your sever, since u cannot control this, u do it this way)
 Quote

All times are EDT. The time is now 07:13 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content