| Summary | access to /etc/resolv.conf not allowed per open_basedir directive |
| Queue | Horde Base |
| Queue Version | 5.1.4 |
| Type | Bug |
| State | Not A Bug |
| Priority | 1. Low |
| Owners | |
| Requester | x.van_dessel (at) ieee (dot) org |
| Created | 10/23/2013 (4248 days ago) |
| Due | |
| Updated | 10/23/2013 (4248 days ago) |
| Assigned | |
| Resolved | 10/23/2013 (4248 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
horde.conf that contains the open_basedir statement.
link to that bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1022577
State ⇒ Not A Bug
been set by someone/something else, and done wrong.
Priority ⇒ 1. Low
Patch ⇒ No
Milestone ⇒
Queue ⇒ Horde Base
Summary ⇒ access to /etc/resolv.conf not allowed per open_basedir directive
Type ⇒ Bug
State ⇒ Unconfirmed
/usr/share/pear/Horde/Core/Factory/Dns.php
if (is_readable('/etc/resolv.conf')) {
On the other side, this is part of the http configuration file for horde:
php_admin_value open_basedir
"/usr/share/horde:/etc/horde:/usr/share/pear:/tmp:/usr/share/php"
This states that the http engine should not be allowed to access any
data outside the specified directories when running horde code.
It is clear that both statements are contradictory: testing whether
you can read /etc/resolv.conf, but also installing a rule that you
cannot access it.
The only net effect are error messages in the syslog.
Recommendation: no php module should need to natively read
resolv.conf. calling standard name services should be sufficient.