require_once(../../path/to/script.php) 无法打开流权限被拒绝
请参阅此处的示例: http://mattpotts.com/portal/
我放置了一个 includeme. htm 在所需路径上的每个目录中查找故障点。它在具有相同目录结构的本地计算机(Windows)上运行良好,但在远程(Linux)服务器上失败。
目录结构:
+-firefli/ drwx--x--x
+-private_html/ drwx------
+-foo/ drwxr-xr-x
+-bar/ drwxr-xr-x
+-portal/ drwxr-wr-w
+-public_html/ drwxr-wr-w
+-foo/ drwxr-wr-w
+-portal/ drwxr-wr-w权限确认是 private_html 目录导致了问题。希望您能看到目录结构的用途,我不知道这是否是一种常见的处理方式,但它对我有用。嗯,直到现在。
我已经花了很长的时间来问这个问题,但我的问题很简单:将 private_html 设置为 drwxr-xr-x 有什么问题吗?鉴于我不希望它可以通过网络访问。但权限不应该这样做,不是吗?因为 apache 使 public_html 目录可以通过 http 访问。
See an example here: http://mattpotts.com/portal/
I put an includeme.htm in each directory on the required path to find the point of failure. It works fine on my local machine (windows) with the same directory structure but fails on my remote (linux) server.
Directory structure:
+-firefli/ drwx--x--x
+-private_html/ drwx------
+-foo/ drwxr-xr-x
+-bar/ drwxr-xr-x
+-portal/ drwxr-wr-w
+-public_html/ drwxr-wr-w
+-foo/ drwxr-wr-w
+-portal/ drwxr-wr-wThe permissions confirm that it's the private_html directory causing the trouble. Hopefully you can see the purpose of the directory structure, I don't know if it's a common way of doing things but it works for me. Well, until now.
I've gone a very long way around asking it but my question is simply this: is there anything wrong with setting private_html to be drwxr-xr-x? Given that I do not want it to be accessible via the web. But the permissions shouldn't do that should they? Because it's apache making the public_html directory accessible via http.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您不需要阻止对 private_html 具有文件夹/文件权限的 Web 用户,因为它位于 Web 根目录之外。正如你所说,网络用户只能获取 public_html 中的内容
为了将来的调试速度,如果你有相对网络路径,你可以使用 realpath 将其转换为真实路径:
You shouldn't need to block out web users with folder/file permissions on private_html, as it's outside the web root. As you say, web users can only get to stuff in public_html
For future debugging speed, if you have a relative web path you can convert it to a real path using realpath:
好吧,如果您已正确设置
DocumentRoot以指向public_html,则无论您赋予它什么权限,都无法从网络访问它。如果不放入可重定向的 .htaccess 文件,则无法从 Web 访问私有 HTMl。如果您不知道这意味着什么/如何做到这一点,那么您是安全的。
您应该将这些权限设置为您的脚本需要的任何内容。
Well, if you have set up your
DocumentRootcorrectly to point topublic_html, it won't be accessible from the web, no matter what permissions you put on it.The Private HTMl is not accessible from the web without you putting in a .htaccess file that would redirect it. If you don't know what that means/how to do that, you are safe.
You should be fine setting these permissions to whatever your script needs.
private_html的user:group是什么? Web 服务器必须是该组的成员或文件的所有者。为了读取目录内容,目录需要具有execute权限,以便网络服务器打开它。本质上,它们应该具有与public_html相同的user:group。您只想禁止write权限。他是网络服务器。如果您将文档根目录设置为public_html,则无论权限如何,都无法通过网络访问private_html。另外,我总是在文件操作的路径参数上使用realpath。what are the
user:groupforprivate_html? The web server needs to be either a member of the group or the owner of the file. In order to read the directory contents the dirctory needs to have theexecutepermission for the webserver to open it. Essentially they should have the sameuser:groupaspublic_html. You just want to disallow thewritepermission. tot he webserver. If you have set your document root topublic_htmlprivate_htmlis not accessible via the web no matter what the permissions. Also, i always userealpathon the path arguments to and file operation.