linux-php files only need to have read (r) permission to execute the file is PHP's own special place or C Java file is also like this

Only Read permissions can execute the file properly (is the Boolean user doing this read file?). )

Only the Execute permission prompt is denied (because PHP itself is not an executable file?). Or because it's an interpretive language? ）

Read Execute permission error at the same time

Reply content:

Only Read permissions can execute the file properly (is the Boolean user doing this read file?). )

Only the Execute permission prompt is denied (because PHP itself is not an executable file?). Or because it's an interpretive language? ）

Read Execute permission error at the same time

The operating system's management of file permissions is far more complex than we imagined. Classic three-bit digital permissions are not a reliable reason to judge permissions at all. Example:

• The ACL permission system can affect the impact

• mountCommands and noexec other options that can interfere with the entire mount point's permissions

• Operating system permissions mechanism, there may be additions and expansions in the future (this is actually the most deadly)

I put the words to the extreme point:"file with rwx" is convenient for people to see, it is not a "read/write/execute permission" condition.

In fact, for the user program, a file can read/write/execute, can not be determined in advance. The only way we can program is to "try it"--without any prior judgment, to execute the operation directly and make a mistake.

At this point, if the execution of permissions, it is very dangerous: the PHP interpreter attempts to execute, if successful, the execution of this file will inevitably occur, inevitably. This means that the PHP interpreter can execute any executable file, even if it is not PHP code.

This way, in the case of the system being hacked, there is unknown file implantation, we will lose the last layer of the PHP interpreter protection, hackers can use the PHP interpreter, arbitrary execution of any language written in any malicious program. The consequences would be devastating.

So "call the PHP command to execute the script just read the permission", this is of course, is also necessary.

In short: The interpreter for any language requires the operating system to try to read the code file and get the code text. After the interpreter obtains the code text, it is responsible for the subsequent work, without the operating system to meddle. The relationship between the interpreter and the code is like the relationship between the editor and the document file. The interpreter will never entrust the operating system to execute arbitrary files.

This is also true of Java. The interpreter for all interpretive languages is like this, with no exceptions--not in the past, not now, not even in the future.

The problem is the way you do it:

#使用php的文件读取test.php文件内容执行;$ php -f test.php$ which php/usr/bin/php./test.php #直接执行test.php文件

two times 进程主体并不一致 ;

When a shell executes a script that interprets a language, it first looks for shebang lines in the header of the file, 按照shebang指定的解释器处理文件内容 and if not, it uses bash to interpret the script by default;

$cat x.php #!/usr/bin/php <-这一行就是shebang
  
   $./x.php  #凡是具有x文件都可以这样直接调用, 并且按照shebang的解释器处理内容;hello#如果没有shebang的情况下, 则必须使用解释器(php)显式进行调用$ php -f x.php # 有无shebang均无所谓, 只是把x.php文件内容读取出来传递给php解释器; 所以文件必须有r权限;hello$

