; Be sure to add those trailing slashes to tighten the restriction!
open_basedir = /usr/share/php/:/usr/share/phpmyadmin/:/var/www/

disable_functions = apache_get_modules, apache_get_version, apache_getenv, apache_note, apache_setenv, chgrp, chown, closelog, debugger_off, debugger_on, define_sys, define_syslog_variables, disable_functions, diskfreespace, dl, escapeshellarg, escapeshellcmd, exec, fpaththru, getmypid, getmyuid, highlight_file, ignore_user_abord, ini_restore, leak, link, listen, openlog, passthru, pclose, pcntl_alarm, pcntl_exec, pcntl_fork, pcntl_get_last_error, pcntl_getpriority, pcntl_setpriority, pcntl_signal, pcntl_signal_dispatch, pcntl_sigprocmask, pcntl_sigtimedwait, pcntl_sigwaitinfo, pcntl_strerror, pcntl_wait, pcntl_waitpid, pcntl_wexitstatus, pcntl_wifexited, pcntl_wifsignaled, pcntl_wifstopped, pcntl_wstopsig, pcntl_wtermsig, popen, posix, posix_ctermid, posix_getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_getpgid, posix_getpgrp, posix_getpid, posix_getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_getuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_setuid, posix_times, posix_ttyname,
posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, show_source, source, symlink, syslog, system, tmpfile, url_exec, virtual, xgetmypid, ini_set

; Note: A few functions have been left enabled, because certain software depends on it:
; get_loaded_extensions -  piwik-svn/libs/upgradephp/upgrade.php on line 462
;                          in_array() expects parameter 2 to be array, null given
;                          in piwik-svn/libs/upgradephp /upgrade.php on line 462
;                          http://stackoverflow.com/questions/8313247/in-array-giving-warning-message
; getenv        - mediawiki-git/includes/WebStart.php on line 85
; putenv        - mediawiki-git/LocalSettings.php on line 111
; getmypid      - zenphoto/zp-core/functions-basic.php on line 1045
; phpversion    - mediawiki-git/index.php on line 43
; php_uname     - mediawiki-git/includes/GlobalFunctions.php on line 2455
; proc_open     - pnp4nagios: Undefined variable: pipes, application/models/rrdtool.php [36]
; proc_close    - pnp4nagios: proc_close() has been disabled for security reasons, application/models/rrdtool.php [52]
; phpinfo
; chmod, copy, mkdir, rename, rmdir, touch, unlink

; See http://php-security-audit.com/script/view/
disable_classes = splfileobject

expose_php = Off

max_execution_time = 90

error_reporting = E_ALL | E_STRICT

; $ touch /var/log/misc/php.log
; $ chown www-data:www-data /var/log/misc/php.log
error_log = /var/log/misc/php.log

post_max_size = 32M

upload_tmp_dir = /var/lib/php5/

upload_max_filesize = 32M

allow_url_fopen = Off

date.timezone = "Europe/Berlin"

session.gc_probability = 1

; 604800 = 7d
;  86400 = 1d
;   1440 = 24min
session.gc_maxlifetime = 604800