修改linux的shell限制,Nginx下解决WebShell访问限制问题

最新推荐文章于 2023-02-10 02:16:44 发布

星空之下永远有路

最新推荐文章于 2023-02-10 02:16:44 发布

阅读量219

点赞数

文章标签：修改linux的shell限制

直入主题公布修改方法

wget http://www.php.net/get/php-5.2.10.tar.gz/from/this/mirror

wget http://php-fpm.org/downloads/php-5.2.10-fpm-0.5.13.diff.gz

tar zxvf php-5.2.10.tar.gz

gzip -cd php-5.2.10-fpm-0.5.13.diff.gz | patch -d php-5.2.10 -p1 //如果你用补丁的话先打补丁再改比较妥当，我没检查过补丁有没动这个文件

cd php-5.2.10/

./configure –prefix=/usr/local/php –with-config-file-path=/usr/local/php/etc –with-mysql=/usr/local/mysql –with-mysqli=/usr/local/mysql/bin/mysql_config –with-iconv-dir –with-freetype-dir –with-jpeg-dir –with-png-dir –with-zlib –with-libxml-dir=/usr –enable-xml –disable-rpath –enable-discard-path –enable-magic-quotes –enable-safe-mode –enable-bcmath –enable-shmop –enable-sysvsem –enable-inline-optimization –with-curl –with-curlwrappers –enable-mbregex –enable-fastcgi –enable-fpm –enable-force-cgi-redirect –enable-mbstring –with-mcrypt –enable-ftp –with-gd –enable-gd-native-ttf –with-openssl –with-mhash –enable-pcntl –enable-sockets –with-xmlrpc –enable-zip –enable-soap –without-pear –with-gettext –with-mime-magic –enable-suhosin

vi main/fopen_wrappers.c

找到/* {{{ php_check_open_basedir

PHPAPI int php_check_open_basedir_ex(const char *path, int warn TSRMLS_DC)

{

/* Only check when open_basedir is available */

if (PG(open_basedir) && *PG(open_basedir)) {

char *pathbuf;

char *ptr;

char *end;

// add by anxsoft.com

char *env_doc_root;

if(PG(doc_root)){

env_doc_root = estrdup(PG(doc_root));

}else{

env_doc_root = sapi_getenv("DOCUMENT_ROOT", sizeof("DOCUMENT_ROOT")-1 TSRMLS_CC);

}

if(env_doc_root){

intres_root = php_check_specific_open_basedir(env_doc_root, path TSRMLS_CC);

efree(env_doc_root);

if (res_root == 0) {

return 0;

}

if (res_root == -2) {

errno = EPERM;

return -1;

}

// add by anxsoft.com

pathbuf = estrdup(PG(open_basedir));

ptr = pathbuf;

while (ptr && *ptr) {

end = strchr(ptr, DEFAULT_DIR_SEPARATOR);

if (end != NULL) {

*end = '\0';

end++;

}

if (php_check_specific_open_basedir(ptr, path TSRMLS_CC) == 0) {

efree(pathbuf);

return 0;

}

ptr = end;

}

if (warn) {

php_error_docref(NULL TSRMLS_CC, E_WARNING, "open_basedir restriction in effect. File(%s) is not within the allowed path(s): (%s)", path, PG(open_basedir));

}

efree(pathbuf);

errno = EPERM; /* we deny permission to open it */

return -1;

}

/* Nothing to check... */

return 0;

}

/* }}} */

两个 add by anxsoft.com 中间的是修改加上去的

然后保存，退出。

make ZEND_EXTRA_LIBS=’-liconv’

make install

php.in的open_basedir配置

open_basedir = “/tmp/:/var/tmp/”

星空之下永远有路

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
修改linux的shell限制,Nginx下解决WebShell访问限制问题

直入主题公布修改方法wget http://www.php.net/get/php-5.2.10.tar.gz/from/this/mirrorwget http://php-fpm.org/downloads/php-5.2.10-fpm-0.5.13.diff.gztar zxvf php-5.2.10.tar.gzgzip -cd php-5.2.10-fpm-0.5.13.diff.gz ...
复制链接

扫一扫