-1

I have a php (php-fpm) script script1.php running in /var/www/html/folder1/script1.php, protected with open_basedir "/var/www/html/folder1".

From that script, I call a 2nd script script2.php located in /var/www/html/folder2/script2.php through php-curl.

I call script2 using its public load balancer IP, yet, I get an error from script1, open_basedir in effect. I'm not sure why that's happening since curl is http://, not file://, and shouldn't resolve the file system the way it does. Or should it? I don't intend to change that open_basedir parameter. What's my best course of action?

Sebas
  • 21,192
  • 9
  • 55
  • 109
  • Curl returns the error from script1 because you call script2 from script1 so script1 gets the response of the error. you have your open_basedir setup wrong. – Nemoko Mar 15 '22 at 15:29
  • script2.php is called through a standard http request. they are not in the same basedir because they are 2 different websites, just hosted on the same localhost. – Sebas Mar 15 '22 at 16:11
  • Whoops my bad, misinterpreted the question, can you show us the php.ini, are you sure there are not any other `open_basedir` active? – Nemoko Mar 15 '22 at 16:14

1 Answers1

0

Ok I worked it out. Even though php has different child Pids for each script execution, it still considered script2 being called from script1 directly, hence falling within open_basedir jurisdiction. I'm not sure why, since the curl call is emulating an http request and therefore should spawn a brand new process...

Either way, I forced /var/www/html/folder2 into a 2nd php-fpm pool, so not only the children have different PIDs but also the parent process as well. Now curl calls script2, and a separate context is created to handle it. This way, openbase_dir is recalculated correctly and my problem was solved.

Creating a 2nd php-fpm pool is really easy. I use Apache 2.4 but here is an example for nginx that I loosely followed for this exercise: https://www.vultr.com/docs/use-php-fpm-pools-to-secure-multiple-web-sites/

Sebas
  • 21,192
  • 9
  • 55
  • 109