dso(mod_php)和FTP /文件权限
[英]dso (mod_php) and FTP/File permissions
问题描述
I'm a bit baffled here. 
我在这里有点困惑。 But it might just be my lack of experience. 但这可能只是我缺乏经验。
I have setup PHP DSO (mod_php) and my server runs smoothly and stable. 我已经安装了PHP DSO(mod_php),并且服务器运行平稳且稳定。 The issue is, though, that in order to run php with includes and everything, I had to set all user account files (/home/*/public_html/*) owner to nobody:nobody. 但是,问题是,为了运行包含和所有内容的php,我必须将所有用户帐户文件(/ home / * / public_html / *)所有者设置为nobody:nobody。
This introduces two questions for me: - Is this really necessary? 这给我带来了两个问题:-这真的必要吗? I'd rather have them user:user - What about FTP? 我希望他们有user:user-FTP呢? If I upload files using FTP, they're owned by user:user so they can't be included in another php file (throws errors). 如果我使用FTP上传文件,则它们归user:user所有,因此它们不能包含在另一个php文件中(引发错误)。 Files that are owned by nobody:nobody can't be modified through ftp.. 没有人拥有的文件:任何人都无法通过ftp进行修改。
FYI: I also have SuEXEC enabled. 仅供参考:我还启用了SuEXEC。 Should I disable this? 我应该禁用它吗?
FYI2: I know I could set all permissions to 777, but that's just wrong. FYI2:我知道我可以将所有权限设置为777,但这是错误的。
Thanks a lot! 非常感谢!
1 个解决方案
解决方案1
0 已采纳 2012-03-10 10:26:13
Ordinary "nobody" should only read executing files, and write/own only files that can be changed by php. 普通的“没人”应该只读取执行文件,而只写/拥有可以被php更改的文件。 Most files owner should be your ftp user. 大多数文件所有者应该是您的ftp用户。
Bad practice to keep php rights to change executable files. 保留php更改可执行文件权限的错误做法。
Also if "nobody" has rights to run as root it provides php (and therefore users) all his rights. 同样,如果“没人”有权以root用户身份运行,它将向php(并因此向用户)提供其所有权利。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.