We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
作为ftp,或者共享的系统,只需要开放某一个目录,提供用户上传和修改即可。
而kodexplorer却可以访问服务器所有磁盘文件,这个危险性很高,部署到外网,一旦有漏洞的话,就相当于把服务器所有信息都公布出来了,请注意,运行php的用户还不是root。。。
这个看上去不算是漏洞,功能和强大。。
The text was updated successfully, but these errors were encountered:
首先,只有管理员能访问所有目录,非管理员只能访问自己目录,并严格限制了扩展名。 管理员php文件编辑权限都有了,所谓的限制又有何用。
如果多站担心安全的话,可以设置nginx或php的配置,限制站点目录;open_basedir
Sorry, something went wrong.
No branches or pull requests
作为ftp,或者共享的系统,只需要开放某一个目录,提供用户上传和修改即可。
而kodexplorer却可以访问服务器所有磁盘文件,这个危险性很高,部署到外网,一旦有漏洞的话,就相当于把服务器所有信息都公布出来了,请注意,运行php的用户还不是root。。。
这个看上去不算是漏洞,功能和强大。。
The text was updated successfully, but these errors were encountered: