缓解风险的措施之一是 LAMP 应用服务器通常专注于一种具体功能,用户无法创建危险的符号连接。
One of the mitigations is that LAMP application servers are generally dedicated to a particular function, and users can't create the potentially dangerous symbolic links.
FollowSymLinks 选项被启用,它允许 Apache 查看之前的符号连接来为请求提供服务,即便文件位于包含 Web 文件的目录之外。
The FollowSymLinks option is enabled, which lets Apache look past symlinks to serve the request, even if the file is outside the directory containing Web files.
在编译完成以后,生成了一个tinylogin . links文件,它随后被make install用来为所有的内编译函数创建指向tinylogin二进制文件的符号连接。
After the build is complete, a tinylogin.links file is generated, which is then used by make install to create symlinks to the tinylogin binary for all compiled-in functions.
应用推荐