Should I enable open_basedir with CageFS?

Issue

I have open_basedir enabled on our CloudLinux server. There's CageFS activated. 

Does open_basedir have additional security or benefits with CageFS already in place, or would it be safe to disable it without impacting server security?

Environment

• open_basedir
• CageFS

Solution

open_basedir and CageFS are both security features but they operate at different levels and provide different type of protection:

• open_basedir is a PHP directive that restricts file operations to specific directories. It's a way to prevent PHP scripts from accessing sensitive parts of the file system;
• CageFS is a virtualized file system that isolates each user's file system from others.

While both open_basedir and CageFS provide security, they do so in different ways and at different levels. CageFS provides a higher level of isolation and security than open_basedir, but open_basedir can still provide an additional layer of security by restricting file operations to specific directories.

In other words, while open_basedir can provide additional security even when CageFS is in place, whether it's necessary or beneficial to keep it enabled depends on your specific situation and needs.