Hi everyone. I'm having a major problem getting vShare 2.7 installed on our server due to seriously unreasonable requests that are made by members from HostOnNet.com who should really know better. First some quick background: In most European countries many servers are being hacked 24 x 7 each and every day, commonly with automated hacking software that pounds the server over and over and over... hundreds of times per hour. Here in Europe, security is vital and we never had a problem instaling and running vShare 2.6 with server security in place (see link).

MeineClipshow - Das Videoclip Portal von EinfachClicken - Einfach Prima!

Recently I paid to have vShare 2.7 installed from scratch on another domain so that I can do the translations, customization, etc. there, before moving everything over to the old location, replacing the current version 2.6 at that time. HostOnNet repeatedly tells me that in order to install version 2.7 we need to:

open_basedir = (no value)
It is not possible to install vShare2.7 without this.


Our server admin, with decades of experience says this:

Ich bin doch sehr verwundert über die scheinbare Unfähigkeit dieser Leute mit den kleinsten PHP Sicherheitsvorkehrungen diese Anwendung zu installieren. Die PHP Open_Basedir aufzuheben gehört mit zu den schlimmsten Sachen für einen Server, da die PHP Anwendungen dann auf den kompletten Server Zugriff haben und im schlimmsten Fall wirklich _ALLE_ Daten das Servers löschen können. Es gibt auch keinen richtigen Grund diesen Zugriff zu erlauben, alle benötigten Tools für VShare befinden sich in dem für PHP zugänglichem Ordner: /usr/php/bin:
ffmpeg flvtool2 mencoder mplayer

Auf mehr sollte diese PHP Software wie jeder andere keinen Zugriff haben ...
Translation, meaning:

"I can't believe that these people are so inept that they're not even capable of dealing with the most rudimentary safety concerns of a basic root server. To set open_basedir = (no value) is the worst possible thing that anyone can do on a server since it generates such a massive security vulnerability that any decent hacker could not only break into the server, but even go as far as to completely wipe out all data that's located on that server. There's no valid reason for that requirement in the first place since all required files such as ffmpeg, flvtool2, mencoder, mplayer are located at the proper location, /usr/php/bin"

HELP ....

So who's wrong and incompetent?
THREE TIMES the question was posted to HostOnNet ... can those settings be reversed again after the installation in order to make the server secure since vShare 2.6 runs without a problem, and THREE TIMES there's been no answer to this question! I'm not a server admin but I need to know who's full of baloney here? Creating such a massive security hole can't possibly be good and if that's what vShare 2.7 needs, then perhaps it's time to rethink that upgrade ... ???

.