I have an Apache 2 web server that allows access to the public_html directory for each user via mod_userdir, like this:
<IfModule mod_userdir.c>
UserDir public_html
UserDir disabled root
<Directory /home/*/public_html>
# [*] configuration here
</Directory>
</IfModule>
I would like to additionally configure PHP's open_basedir directive to forbid file access outside the user's homedir. For user jim, the directive would be
php_admin_value open_basedir "/home/jim/"
Question: Does Apache offer a way to do this through a variable at the spot marked [*] above, something like the following?
<Directory /home/*/public_html>
php_admin_value open_basedir "${APACHE_CURRENT_DIRECTORY}"
</Directory>
I don't know much about mod_php, but this should work. I assume that your APACHE_CURRENT_DIRECTORY variable is supposed to point to the current directory context, so just placing a "." will take care of it (unless mod php doesn't behave). Let me know how it goes.
<Directory /home/*/public_html>
php_admin_value open_basedir "."
</Directory>