如何取消PHP的目录执行力

由 longdas 在 10-21-2003 14:05 发表:

如何取消PHP的目录执行力

Alias /scms/ "/home/scms/"

567

 1<directory "="" home="" scms"="">   
 2  
 3568 Options Indexes MultiViews   
 4  
 5569 AllowOverride None   
 6  
 7570 Order allow,deny   
 8  
 9571 Allow from all   
10  
11572 </directory>

发现这个目录还有PHP的执行能力,怎么样去除。


redhat 7.3/8.0/9/0

HP lh 6000 server

Dell 2650 Server


由 dato 在 10-21-2003 14:14 发表:


./configure --enable-safe-mode

change php.ini ,set by yourself

> quote: > > * * * > > ; Safe Mode
>
> ;
>
> safe_mode = Off
>
>
>
> ; By default, Safe Mode does a UID compare check when
>
> ; opening files. If you want to relax this to a GID compare,
>
> ; then turn on safe_mode_gid.
>
> safe_mode_gid = Off
>
>
>
> ; When safe_mode is on, UID/GID checks are bypassed when
>
> ; including files from this directory and its subdirectories.
>
> ; (directory must also be in include_path or full path must
>
> ; be used when including)
>
> safe_mode_include_dir =
>
>
>
> ; When safe_mode is on, only executables located in the safe_mode_exec_dir
>
> ; will be allowed to be executed via the exec family of functions.
>
> safe_mode_exec_dir =
>
>
>
> ; Setting certain environment variables may be a potential security breach.
>
> ; This directive contains a comma-delimited list of prefixes. In Safe Mode,
>
> ; the user may only alter environment variables whose names begin with the
>
> ; prefixes supplied here. By default, users will only be able to set
>
> ; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
>
> ;
>
> ; Note: If this directive is empty, PHP will let the user modify ANY
>
> ; environment variable!
>
> safe_mode_allowed_env_vars = PHP_
>
>
>
> ; This directive contains a comma-delimited list of environment variables that
>
> ; the end user won't be able to change using putenv(). These variables will be
>
> ; protected even if safe_mode_allowed_env_vars is set to allow to change them.
>
> safe_mode_protected_env_vars = LD_LIBRARY_PATH
>
>
>
> ; open_basedir, if set, limits all file operations to the defined directory
>
> ; and below. This directive makes most sense if used in a per-directory
>
> ; or per-virtualhost web server configuration file. This directive is
>
> ; NOT affected by whether Safe Mode is turned On or Off.
>
> ;open_basedir = > > * * *

maybe need install new php ver 4.3.3

if you install php as apache SAPI mode

add this in you httpd.conf

php_admin_value open_basedir /w3/www

HOHO,OMG chinese english

hoho,why SCIM crash


http://dato.minidns.net

Webmasterworld -- the next person you help may just be yourself!


由 longdas 在 10-21-2003 14:17 发表:


其他的PH

Published At
Categories with 服务器类
Tagged with
comments powered by Disqus