PHP INI setting open_basedir

[berridgeab]

Hi

 

I'm running PHP 5.3.3 (Apache) on my local machine and I have never set ini setting "open_basedir" so i have never had any problem with it.

 

Recently I have just built some classes which several sites all use, which resides in directory C:\Core PHP Framework. I point to this by specifying the ini setting "include_path" as C:\Core PHP Framework in my php.ini.

 

However my webserver running the same version of PHP (IIS 7.0) had ini setting "open_basedir" set to the C:\wwwroot which means I cannot access or run scripts outside that directory (or more specifically I cannot access C:\Core PHP Framework).

 

Basically what i'm trying to ask is will I be opening any security holes by disabling this setting, or is this too general of a question?