 

php: open_basedir and /dev/urandom

Calling the Pear Mail class in some instances automatically attempts to read /dev/urandom, however access is restricted due to an open_basedir setting. Is it safe to add /dev to open_basedir? Or is there a better way around this?

Jay asked Mar 21 '26 21:03


2 Answers

Do you trust everyone who will be writing PHP for your server? If not, then adding /dev to open_basedir is probably a bad idea.

As for why, the only reason I can think of for why random numbers would be needed is if you are trying to start an SSL connection with an SMTP server. Are you trying to use SSL?

Andru Luvisi answered Mar 23 '26 12:03


Empirical testing (in PHP 7.1.18) shows you can add /dev/urandom to open_basedir to allow access to only that ‘device’ (provided there is no trailing slash, i.e. not /dev/urandom/). More generally, you can allow access to specific files within a directory without allowing access to the directory itself, other files within it, or subdirectories.

I don't know if this (apparently undocumented) feature was present in PHP at the time the question was asked.

Jake answered Mar 23 '26 12:03
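To repeat the empirical test from the answer above on your own PHP build, the following script (an added example, not part of either answer) starts one child `php` process per `open_basedir` value and reports which device files it can open. The `probe()` helper, the comparison paths `/dev/null` and `/dev/zero`, and the use of `-n` (ignore php.ini) are choices made for this example.

```php
<?php
// Added example: check how this PHP build treats a single file in open_basedir.
// Run from the CLI on Linux, e.g. `php probe.php` (file name is an assumption).

/**
 * Run a child PHP process restricted by $openBasedir and report, per path,
 * whether the child could open it for reading.
 */
function probe(string $openBasedir, array $paths): array
{
    // Child code: try to open every argument, print "1" or "0" for each.
    $child = 'foreach (array_slice($argv, 1) as $p) {'
           . ' $h = @fopen($p, "rb");'
           . ' echo $h ? "1" : "0";'
           . ' if ($h) { fclose($h); } }';

    // -n ignores php.ini so only the open_basedir under test applies.
    $cmd = escapeshellarg(PHP_BINARY)
         . ' -n -d display_errors=0'
         . ' -d ' . escapeshellarg('open_basedir=' . $openBasedir)
         . ' -r ' . escapeshellarg($child)
         . ' --';
    foreach ($paths as $p) {
        $cmd .= ' ' . escapeshellarg($p);
    }

    $out = (string) shell_exec($cmd);
    $result = [];
    foreach (array_values($paths) as $i => $p) {
        // A missing character means the child produced no answer: treat as blocked.
        $result[$p] = ($out[$i] ?? '0') === '1';
    }
    return $result;
}

// Whole directory, the single device, and the trailing-slash form from the answer.
$settings = ['/dev', '/dev/urandom', '/dev/urandom/'];
// /dev/null and /dev/zero stand in for "other files in the same directory".
$paths = ['/dev/urandom', '/dev/null', '/dev/zero'];

printf("PHP %s\n", PHP_VERSION);
foreach ($settings as $setting) {
    foreach (probe($setting, $paths) as $path => $ok) {
        printf("open_basedir=%-14s %-13s %s\n", $setting, $path, $ok ? 'readable' : 'blocked');
    }
}
```

If the `/dev/urandom` rows show only `/dev/urandom` as readable, the single-file entry is the narrower setting to use in place of `/dev`.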


