linux-php files only need to have read (r) permission to execute the file is PHP's own special place or C Java file is also like this

Source: Internet
Author: User

Only Read permissions can execute the file properly (is the Boolean user doing this read file?). )

Only the Execute permission prompt is denied (because PHP itself is not an executable file?). Or because it's an interpretive language? )

Read Execute permission error at the same time

Reply content:

Only Read permissions can execute the file properly (is the Boolean user doing this read file?). )

Only the Execute permission prompt is denied (because PHP itself is not an executable file?). Or because it's an interpretive language? )

Read Execute permission error at the same time

The operating system's management of file permissions is far more complex than we imagined. Classic three-bit digital permissions are not a reliable reason to judge permissions at all. Example:

    • The ACL permission system can affect the impact

    • mountCommands and noexec other options that can interfere with the entire mount point's permissions

    • Operating system permissions mechanism, there may be additions and expansions in the future (this is actually the most deadly)

I put the words to the extreme point:"file with rwx" is convenient for people to see, it is not a "read/write/execute permission" condition.

In fact, for the user program, a file can read/write/execute, can not be determined in advance. The only way we can program is to "try it"--without any prior judgment, to execute the operation directly and make a mistake.

At this point, if the execution of permissions, it is very dangerous: the PHP interpreter attempts to execute, if successful, the execution of this file will inevitably occur, inevitably. This means that the PHP interpreter can execute any executable file, even if it is not PHP code.

This way, in the case of the system being hacked, there is unknown file implantation, we will lose the last layer of the PHP interpreter protection, hackers can use the PHP interpreter, arbitrary execution of any language written in any malicious program. The consequences would be devastating.

So "call the PHP command to execute the script just read the permission", this is of course, is also necessary.

In short: The interpreter for any language requires the operating system to try to read the code file and get the code text. After the interpreter obtains the code text, it is responsible for the subsequent work, without the operating system to meddle. The relationship between the interpreter and the code is like the relationship between the editor and the document file. The interpreter will never entrust the operating system to execute arbitrary files.

This is also true of Java. The interpreter for all interpretive languages is like this, with no exceptions--not in the past, not now, not even in the future.

The problem is the way you do it:

#使用php的文件读取test.php文件内容执行;$ php -f test.php$ which php/usr/bin/php./test.php #直接执行test.php文件

two times 进程主体并不一致 ;

When a shell executes a script that interprets a language, it first looks for shebang lines in the header of the file, 按照shebang指定的解释器处理文件内容 and if not, it uses bash to interpret the script by default;

$cat x.php #!/usr/bin/php <-这一行就是shebang
  
   $./x.php  #凡是具有x文件都可以这样直接调用, 并且按照shebang的解释器处理内容;hello#如果没有shebang的情况下, 则必须使用解释器(php)显式进行调用$ php -f x.php # 有无shebang均无所谓, 只是把x.php文件内容读取出来传递给php解释器; 所以文件必须有r权限;hello$
  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.