使用从PHP / CGI不好的做法shell命令？ [英] Is using shell commands from PHP/CGI bad practice?

问题描述

的shell命令视为一个合法的编程接口？具体来说，就是有什么问题从PHP页面或者CGI文件的Linux应用程序服务器上执行的bash shell命令？这是否引进效率和安全问题？

Are shell commands considered a legitimate programming interface? Specifically, is there anything wrong with executing bash shell commands on a linux application server from PHP pages or CGI files? Does this introduce efficiency or security issues?

感谢

推荐答案

有时，解决问题的最好办法。

Sometimes OK, but...

---

Sometimes it's the best way to solve a problem.

不过，可能的问题是：

的 安全的

Security

查找出的 code注射液 如果你不这样做 错误检查 。

性能的

Performance

运行shell命令会涉及 分叉 的PHP间preTER和执行复杂且相对缓慢 系统调用 这是一个不大的服务器确定，但不会为一个繁忙的网站工作。

Running shell commands will involving forking the PHP interpreter and executing complex and relatively slow system calls. This is OK for a lightly loaded server but won't work for a busy site.

同步的

Synchronization

确保事情按正确的顺序发生可避免众所周知的问题所谓的更新丢失的脏读的和的不正确摘要的。虽然shell命令本身不是任何这些东西的原因，运行它们异步方式就可以了，增加了您的系统的复杂性将使其难以分析。

Ensuring that things happen in the right order avoids well-known problems called lost updates, dirty reads, and incorrect summaries. While shell commands are not by themselves a cause of any of these things, running them asynchronously can be, and increasing the complexity of your system will make it harder to analyze.

这篇关于使用从PHP / CGI不好的做法shell命令？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！