将上载的文件作为php的根目录移动到其他用户主文件夹
[英]move uploaded file to different user home folder as root in php
问题描述
I'm creating a php proxy upload script to handle incoming file uploads from a desktop app. 
我正在创建一个php代理上传脚本来处理来自桌面应用程序的传入文件上传。
File uploads are secured and only permitted people can send files but they all have a different user on a CentOS server thus each with a different home directory 文件上传是安全的,只有获准人员才能发送文件,但是他们在CentOS服务器上的用户都不同,因此每个人都有不同的主目录
This php upload proxy is on it own home directory 此php上传代理位于其自己的主目录中
How can this file move the uploaded tmp file to a different home directory than its own? 该文件如何将上传的tmp文件移动到与其自身不同的主目录中?
I tried with full hope to chown the php file to root, but this doesn't work. 我满怀希望地尝试将php文件扎根,但这是行不通的。 Php isn't even executed when the file is requested. 请求文件时,甚至没有执行PHP。
how to permit this script to upload files wherever it wants? 如何允许此脚本将文件上传到所需位置? I obviously don't want to chmod 777 the (predefined) target directories 我显然不想chmod 777(预定义)目标目录
1 个解决方案
解决方案1
0 2015-06-03 11:28:26
Assuming it's running under Apache, the INSECURE option is to allow the process itself (not the file) to run as root. 假设它在Apache下运行,则INSECURE选项允许进程本身(而不是文件)以root身份运行。 Just to make doubly sure, this is a BAD option. 可以肯定的是,这是一个不好的选择。
The better option is to create a directory in each user's home that allows write only access to PHP. 更好的选择是在每个用户的主目录中创建一个目录,该目录仅允许对PHP进行写访问。 No read, no execute, just a blind drop box. 没有读取,没有执行,只是一个盲注框。 You can achieve this with ACL's or with permissions. 您可以使用ACL或许可来实现。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.