| PHP安全模式漏洞分析 |
| |
| 引用本文: | 冯硕,李永义.PHP安全模式漏洞分析[J].网络安全技术与应用,2011(4):9-11. |
| |
| 作者姓名: | 冯硕 李永义 |
| |
| 作者单位: | 1. 唐山广播电视大学教学管理中心,河北,063000
2. 唐山广播电视大学网络中心,河北,063000 |
| |
| 摘 要: | PHP中的safe_mode能够实现对命令、函数及文件访问权限等功能限制,因此在PHP的安全配置中起着重要作用,但safe_mode并非万能的,而且其提供的安全保护也存在很多安全漏洞,主要表现在其自身代码编写不够完善、Win32自身问题影响到部分PHP函数可任意调用受限命令和函数以及一些第三方组件的应用带来的安全隐患等。
|
| 关 键 词: | 安全模式 远程过程调用 动态载入 |
the Bugs of PHP's Safe_mode Analyses |
| |
| Feng Shuo,Li Yonyi.the Bugs of PHP's Safe_mode Analyses[J].Net Security Technologies and Application,2011(4):9-11. |
| |
| Authors: | Feng Shuo Li Yonyi |
| |
| Affiliation: | 1Tangshan Radio&TV University,Teaching Management Center,Hebei 063000,China 2Tangshan Radio&TV University,Network Center,Hebei,063000,China |
| |
| Abstract: | As a very important option in PHP's security configure,safe mode can control the function of some command,function and file access,etc.Safe mode option can make system safe but not the safety of the system but can not offer the absolute safe protection what with mainly embodiment in PHP code own compilation insufficient consummation,some bugs of the Win32 system affect that the partial PHP functions may arbitrarily call some limited commad or function and some potential danger attribute to some third-party modules and so on. |
| |
| Keywords: | safe mode Remote Procedure Call dynamic load |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
