The current php site security configuration is substantially open_basedir+safemode, it is indeed very invincible, very safe, even when permission is not a good environment settings, so the configuration is quite safe, and, of course, does not consider some of the you can bypass. This article discusses two points of the open open_basedir may lead to security risks real encounter, one that may belong to the php of a small bug, the other one may be due to improperly configured produce.
One, open_basedir processed file path when not strictly considering the directory exists, this will lead to local or local file read bypass.
Look at a local file arbitrary read example:
<? php $file = $_GET['file']; preg_match("/^img/", $file) or die('error_file'); $file='/home/www/upload/'.$ file; file_exists($file) or die('no_such_file'); $f = fopen("$file", 'r');