• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Resolved What speaks against including /dev/urandom in openbasedir settings?

Bitpalast

Bitpalast

Plesk addicted!
Plesk Guru
How to set up php custom php settings for the domain

Why is /dev/urandom not included in openbasedir settings by default? I am trying to think of a vulnerability that this could open, but as it is a device and cannot be "deleted" or modified by PHP, why would that path not be in the openbasedir paths by default? Or am I wrong and PHP could tamper with /dev/urandom?
 
I think this is done because it's impossible to add everything to the open_basedir by default, so the customization ability was added :)
 
OK, I did several tests yesterday, too, with PHP scripts that tried to attack that location. Everything worked fine, no successfull attack possible, so i think it is o.k. to add it to the open_basedir path.
 
You must log in or register to reply here.

Similar threads

isotophe
Question Duplicate Roundcube installation / getting a second Roundcube to run
Replies
5
Views
769
isotophe
isotophe
P
Question Drupal CMS 1.0 with Plesk: Composer PATH issue for automatic updates
Replies
7
Views
1K
horvan
H
G
Question Automatic redirecting to custom errorpages in PHP
Replies
2
Views
523
GuiltySpark
G
S
Issue Create new subdomain uses wrong directory
Replies
3
Views
550
SiegbertG
S
B
Question Reverse Proxy Setup: VPS + Mikrotik DDNS – Feeling Lost
Replies
1
Views
2K
iberium456
I
Back
Top