由 longdas 在 10-21-2003 14:05 发表:
如何取消PHP的目录执行力
Alias /scms/ "/home/scms/"
567
1<directory "="" home="" scms"="">
2
3568 Options Indexes MultiViews
4
5569 AllowOverride None
6
7570 Order allow,deny
8
9571 Allow from all
10
11572 </directory>
发现这个目录还有PHP的执行能力,怎么样去除。
redhat 7.3/8.0/9/0
HP lh 6000 server
Dell 2650 Server
由 dato 在 10-21-2003 14:14 发表:
./configure --enable-safe-mode
change php.ini ,set by yourself
> quote:
>
> * * *
>
> ; Safe Mode
>
> ;
>
> safe_mode = Off
>
>
>
> ; By default, Safe Mode does a UID compare check when
>
> ; opening files. If you want to relax this to a GID compare,
>
> ; then turn on safe_mode_gid.
>
> safe_mode_gid = Off
>
>
>
> ; When safe_mode is on, UID/GID checks are bypassed when
>
> ; including files from this directory and its subdirectories.
>
> ; (directory must also be in include_path or full path must
>
> ; be used when including)
>
> safe_mode_include_dir =
>
>
>
> ; When safe_mode is on, only executables located in the safe_mode_exec_dir
>
> ; will be allowed to be executed via the exec family of functions.
>
> safe_mode_exec_dir =
>
>
>
> ; Setting certain environment variables may be a potential security breach.
>
> ; This directive contains a comma-delimited list of prefixes. In Safe Mode,
>
> ; the user may only alter environment variables whose names begin with the
>
> ; prefixes supplied here. By default, users will only be able to set
>
> ; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
>
> ;
>
> ; Note: If this directive is empty, PHP will let the user modify ANY
>
> ; environment variable!
>
> safe_mode_allowed_env_vars = PHP_
>
>
>
> ; This directive contains a comma-delimited list of environment variables that
>
> ; the end user won't be able to change using putenv(). These variables will be
>
> ; protected even if safe_mode_allowed_env_vars is set to allow to change them.
>
> safe_mode_protected_env_vars = LD_LIBRARY_PATH
>
>
>
> ; open_basedir, if set, limits all file operations to the defined directory
>
> ; and below. This directive makes most sense if used in a per-directory
>
> ; or per-virtualhost web server configuration file. This directive is
>
> ; NOT affected by whether Safe Mode is turned On or Off.
>
> ;open_basedir =
>
> * * *
maybe need install new php ver 4.3.3
if you install php as apache SAPI mode
add this in you httpd.conf
php_admin_value open_basedir /w3/www
HOHO,OMG chinese english
hoho,why SCIM crash
Webmasterworld -- the next person you help may just be yourself!
由 longdas 在 10-21-2003 14:17 发表:
其他的PH