Is chmod 757 safe?
Question
As I am on a shared host, I want to add an image hosting script, and it seems that with 755 it doesn't allow me to upload images, so I changed the folder to 757. Is it safe to chmod to 757?
Recommended answer
In a word, no. In two words, "hell. no!"
Let's interpret 757: that would be
- owner: read write execute
- groups that have permissions on the file: read - execute
- the rest of the freaking world: read write execute
Now, consider someone malicious uploading a short shell script:
#!/bin/sh --
rm -rf /
Update
Aha, the "folder". Okay, here's the deal: if you don't have the execute bit set on a directory, that blocks searching the directory. The reason the host is asking you to do the world=RWX is that they aren't running the web server as you, so they're taking the simple and dumb route to fix it.
There are two possibilities here:
- they have some scheme in place to ensure that files uploaded to that directory can't have the execute bit set
- they don't and haven't gotten burned yet
On the assumption that your hosts aren't fools, see what happens with 775.
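Added example, not part of the original answer: a POSIX shell audit for the two conditions the answer warns about, world-writable directories and uploaded files that carry an execute bit. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an upload tree for the two risks discussed above.
# Function names and the sample tree are constructed for illustration.

# Succeeds if the "other" digit of a 3-digit octal mode includes write (2),
# e.g. 757 or 777, but not 755 or 775.
mode_is_world_writable() {
    case ${1#??} in
        2|3|6|7) return 0 ;;
        *) return 1 ;;
    esac
}

# Directories under $1 that any local user can write to.
world_writable_dirs() {
    find "$1" -type d -perm -0002 | sort
}

# Regular files under $1 with any execute bit set (owner, group or other).
executable_files() {
    find "$1" -type f \( -perm -0100 -o -perm -0010 -o -perm -0001 \) | sort
}

# Print findings; returns 0 when the tree is clean, 1 otherwise.
audit_upload_dir() {
    ww_dirs=$(world_writable_dirs "$1")
    x_files=$(executable_files "$1")
    if [ -n "$ww_dirs" ]; then echo "$ww_dirs" | sed 's/^/world-writable dir: /'; fi
    if [ -n "$x_files" ]; then echo "$x_files" | sed 's/^/executable file:   /'; fi
    [ -z "$ww_dirs$x_files" ]
}

# Constructed sample: a 757 upload directory holding an executable file.
demo_root=$(mktemp -d)
mkdir "$demo_root/uploads" "$demo_root/static"
chmod 757 "$demo_root/uploads"
chmod 755 "$demo_root/static"
: > "$demo_root/uploads/photo.png"; chmod 644 "$demo_root/uploads/photo.png"
: > "$demo_root/uploads/script.sh"; chmod 755 "$demo_root/uploads/script.sh"

mode_is_world_writable 757 && echo "757 grants write access to everyone"
audit_upload_dir "$demo_root" || echo "audit: findings above need fixing"
rm -rf "$demo_root"
```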