无论如何创建一个 php 沙箱供用户开发?
我和我网站上的一位用户将开发一个新的网络应用程序。我想创建一个我们可以在其中工作的文件夹,而不必担心他可以在该文件夹之外读取配置文件等。
是否有一种方法可以创建一个沙盒区域,以防止用户在该文件夹之外包含内容 - 同时仍然保留网站的其余部分是否相同?
几乎就像该文件夹的 open_basedir 一样。
A user on my site and I are going to be developing a new web app. Id like to create a folder that we can work in without the fear that he could read outside that folder potentially reading config files etc.
Is there a way to create a sandboxed area that would prevent the user from including outside that folder - while still keeping the rest of the site the same?
Almost like an open_basedir for that one folder.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
为他创建一个完全独立的 apache 虚拟主机可能会更好。让他在文件夹中工作意味着他必须在所有链接中考虑该文件夹。例如,为了让他的沙箱正常工作,他需要构建如下链接:
这不是什么大问题,但绝对是一种痛苦。
更进一步,创建一个全新的虚拟机供他使用可能会更容易。
It might be better to create an entirely separate apache vhost for him. Having him work in a folder means that he has to account for the folder in all his links. As in, for his sandbox to work, he needs to build links like:
It's not a huge deal, but its definitely a pain.
To go even further, it might be easier to create a whole new VM for him to work on.
这通常是通过将 Web 服务器配置为在只能访问选定的几个目录的非特权用户下运行来完成的。
This is usually done by configuring the web server to run under an unprivileged user that has access to a selected few directories only.