When using an open_basedir restriction for php, which is advisable for securety, having the config file outside the webroot is not working. Perhaps it would be better to reverse the symlink, where the original stays in the phpmyadmin dir and /etc/phpmyadmin/config.inc.php is a symlink to that file. Reproducible: Always Steps to Reproduce: 1.Not neccesary i assume 2. 3.
no it wouldn't. the config is in /etc/phpmyadmin for the exact reason that we want it under CONFIG_PROTECT. open_basedir is some very hollow security anyway. ?php $foo = file("/somepath/test"); print_r($foo); $bar = `cat /somepath/test`; print_r($bar); ? open_basedir will block the first one, but not the second.
I'm open to suggestions on this. If there's a good way to reconcile open_basedir with CONFIG_PROTECT then tell me! Otherwise, in a two weeks I'll close this bug as WONTFIX.
Closing as WONTFIX due to lack of feedback