After enabling safe_mode the demonstration failed ... (I removed the open_basedir restriction). The trick is to set the base directory for all virtual hosts owned by root ... this prevents the readout ... (if safe_mode is active).
(Be sure to set safe_mode_gid to OFF, otherwise users who are in the same group can read the others' directories...)
Also set safe_mode_exec_dir to some empty directory to prevent scripting attacks ...
Well, using open_basedir on a per-virtual-host basis also secures things ... as described in
http://www.php.net/manual/en/security.apache.php ... in detail (with the extension of doc_root for additional security):
Code:
Example:
<VirtualHost www.example.com>
ServerName www.example.com
DocumentRoot /www-home/example.com
[...]
<Location />
php_admin_value doc_root "/www-home/example.com/"
php_admin_value open_basedir "/www-home/example.com/:/usr/lib/php/"
</Location>
</VirtualHost>
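An added example, not part of the original post: a small Python check that reads Apache virtual host blocks and reports any host whose open_basedir is missing, is set with the overridable php_value instead of php_admin_value, or is wider than the host's own DocumentRoot. The sample configuration and the names `audit` and `plain` are constructed for illustration, and the regex parsing assumes simple, non-nested VirtualHost blocks.

```python
import re

# Constructed sample config (not from the post); only the first vhost is restricted as the post describes.
SAMPLE = """\
<VirtualHost www.example.com>
ServerName www.example.com
DocumentRoot /www-home/example.com
php_admin_value doc_root "/www-home/example.com/"
php_admin_value open_basedir "/www-home/example.com/:/usr/lib/php/"
</VirtualHost>
<VirtualHost www.example.org>
ServerName www.example.org
DocumentRoot /www-home/example.org
</VirtualHost>
<VirtualHost www.example.net>
ServerName www.example.net
DocumentRoot /www-home/example.net
php_value open_basedir "/www-home/"
</VirtualHost>
"""

VHOST = re.compile(r"<VirtualHost\b[^>]*>(.*?)</VirtualHost>", re.S | re.I)
BASEDIR = re.compile(r'^\s*(php_admin_value|php_value)\s+open_basedir\s+"?([^"\n]+)"?', re.M | re.I)

def plain(body, name):
    # Argument of a one-argument directive such as ServerName, or "" if absent.
    m = re.search(r'^\s*' + name + r'\s+"?([^"\s]+)"?', body, re.M | re.I)
    return m.group(1) if m else ""

def audit(conf):
    """Map each ServerName to a list of open_basedir problems (empty list = OK)."""
    report = {}
    for body in VHOST.findall(conf):
        root = plain(body, "DocumentRoot").rstrip("/") + "/"
        issues = report.setdefault(plain(body, "ServerName"), [])
        m = BASEDIR.search(body)
        if not m:
            issues.append("open_basedir not set")
            continue
        if m.group(1).lower() != "php_admin_value":
            issues.append("set with php_value, which .htaccess may override")
        for entry in m.group(2).split(":"):
            entry = entry.rstrip("/") + "/"
            if root.startswith(entry) and entry != root:
                issues.append("entry %s is wider than DocumentRoot" % entry)
    return report

if __name__ == "__main__":
    print(audit(SAMPLE))
```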