
Linux Server Protection: Protecting Web Interfaces from Directory Traversal Attacks


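Directory traversal is a common network security threat in which an attacker tries to gain unauthorized access by reaching system file paths and sensitive files. In web applications, a directory traversal attack is usually carried out by manipulating the URL path: the attacker enters special traversal characters (such as "../") to navigate to directories outside the application's context.

To keep web interfaces from falling victim to directory traversal attacks, we can take the following measures to protect the server.

Input validation

In a web application, input validation is the main defence against directory traversal attacks. After user input is received, it should be strictly validated and special characters such as "../" filtered out. User input can be checked with regular expressions or with the filtering functions of the programming language.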

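function validateInput(input) {
  // Reject input containing the "../" traversal sequence
  // (the dots and the slash are escaped so they match literally)
  const pattern = /\.\.\//;
  return !pattern.test(input);
}

// Example
const userInput = "../../etc/passwd";
if (validateInput(userInput)) {
  // Process the user input
  // ...
} else {
  // Invalid input; possible directory traversal attack
  // ...
}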


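File path handling

When handling file paths, we should use absolute paths rather than relative paths. An absolute path fixes the exact location of the file, so it cannot be misinterpreted the way a relative path can.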

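import java.nio.file.Path;
import java.nio.file.Paths;

public class FileProcessor {
  private static final Path BASE_DIR = Paths.get("/var/www/html");

  public void processFile(String filename) {
    // Use an absolute path; normalize() collapses any "../" segments
    Path filePath = BASE_DIR.resolve(filename).normalize();
    // Reject a path that resolves outside the base directory
    if (!filePath.startsWith(BASE_DIR)) {
      throw new IllegalArgumentException("Path escapes base directory");
    }
    // ...
  }

  // Example
  public static void main(String[] args) {
    FileProcessor fileProcessor = new FileProcessor();
    fileProcessor.processFile("index.html");
  }
}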


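Permission restrictions

To limit an attacker's ability to reach unauthorized directories through directory traversal, we need to set appropriate permissions on the server. Make sure the web server process runs with the least privilege possible and can access only the files and directories it needs.

For example, on an Apache server you can set the following access rules in the configuration file (such as "httpd.conf").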

<Directory /var/www/html>
  Options None
  AllowOverride None
  Order deny,allow
  Deny from all
  Allow from 127.0.0.1
</Directory>


The configuration above denies all access to the /var/www/html directory, except from the local loopback address (127.0.0.1).

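File whitelist

To reduce the risk of directory traversal attacks further, we can maintain a file whitelist that allows access only to specified files and directories. This can be implemented in the application code by checking whether the file path requested by the user is in the whitelist.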

def isFileAllowed(filePath):
  allowedFiles = ['/var/www/html/index.html', '/var/www/html/style.css']
  return filePath in allowedFiles

# Example
userFilePath = "/var/www/html/../../../etc/passwd"
if isFileAllowed(userFilePath):
  # Process the user request
  # ...
  pass
else:
  # The file is not in the whitelist
  # ...
  pass
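
The file path handling and file whitelist checks above both compare path strings, so the following added example (not code from the original article) canonicalizes the request first and only then applies the base-directory and whitelist checks. The names `resolve_allowed` and `demo`, the temporary web root and the sample requests are hypothetical and constructed for illustration, and the request path is assumed to arrive still percent-encoded.

```python
import os
import tempfile
from urllib.parse import unquote

def resolve_allowed(base_dir, requested, allowed):
    """Return the canonical path if it is inside base_dir and whitelisted, else None."""
    base = os.path.realpath(base_dir)
    # Decode percent-encoding once; refuse input that is still encoded
    # afterwards (double encoding) or that carries a NUL byte.
    decoded = unquote(requested)
    if "%" in decoded or "\x00" in decoded:
        return None
    # realpath collapses "." and ".." and follows symlinks, so the checks
    # below see the file that would really be opened.
    candidate = os.path.realpath(os.path.join(base, decoded.lstrip("/")))
    # Containment: the canonical path must still be under the base directory.
    if os.path.commonpath([base, candidate]) != base:
        return None
    # Whitelist: compare canonical paths, not the raw request string.
    canonical = {os.path.realpath(os.path.join(base, n)) for n in allowed}
    return candidate if candidate in canonical else None

def demo():
    """Run constructed sample requests against a temporary web root."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "html")
        os.mkdir(root)
        for name in ("index.html", "style.css"):
            open(os.path.join(root, name), "w").close()
        secret = os.path.join(tmp, "secret.txt")
        open(secret, "w").close()
        # A whitelisted name that is really a symlink pointing outside the root.
        os.symlink(secret, os.path.join(root, "logo.png"))
        allowed = ["index.html", "style.css", "logo.png"]
        requests = ["/index.html", "/./style.css", "/../secret.txt",
                    "/%2e%2e/secret.txt", "/%252e%252e/secret.txt", "/logo.png"]
        return {r: resolve_allowed(root, r, allowed) is not None for r in requests}

if __name__ == "__main__":
    for request, served in demo().items():
        print(f"{request!r:28} {'served' if served else 'rejected'}")
```

Rejecting any input that still contains "%" after one decode is a deliberately conservative choice; it also refuses legitimate file names that contain a percent sign.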


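These are some basic measures that help protect web interfaces from directory traversal attacks. Keep in mind, however, that network security is an ongoing struggle: we should also update software and patch vulnerabilities regularly, and carry out regular security audits and penetration tests, to keep the system secure.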

ÒÔÉϾÍÊÇLinuxЧÀÍÆ÷·À»¤£º±£»¤Web½Ó¿ÚÃâÊÜĿ¼±éÀú¹¥»÷¡£µÄÏêϸÄÚÈÝ £¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡

ÃâÔð˵Ã÷£ºÒÔÉÏչʾÄÚÈÝȪԴÓÚÏàÖúýÌå¡¢ÆóÒµ»ú¹¹¡¢ÍøÓÑÌṩ»òÍøÂçÍøÂçÕûÀí £¬°æȨÕùÒéÓë±¾Õ¾ÎÞ¹Ø £¬ÎÄÕÂÉæ¼°¿´·¨Óë¿´·¨²»´ú±í×ðÁú¿­Ê±¹ÙÍøµÇ¼ÂËÓÍ»úÍø¹Ù·½Ì¬¶È £¬Çë¶ÁÕß½ö×ö²Î¿¼¡£±¾ÎĽӴýתÔØ £¬×ªÔØÇë˵Ã÷À´ÓÉ¡£ÈôÄúÒÔΪ±¾ÎÄÇÖÕ¼ÁËÄúµÄ°æȨÐÅÏ¢ £¬»òÄú·¢Ã÷¸ÃÄÚÈÝÓÐÈκÎÉæ¼°ÓÐÎ¥¹«µÂ¡¢Ã°·¸Ö´·¨µÈÎ¥·¨ÐÅÏ¢ £¬ÇëÄúÁ¬Ã¦ÁªÏµ×ðÁú¿­Ê±¹ÙÍøµÇ¼ʵʱÐÞÕý»òɾ³ý¡£

Ïà¹ØÐÂÎÅ

ÁªÏµ×ðÁú¿­Ê±¹ÙÍøµÇ¼

18523999891

¿É΢ÐÅÔÚÏß×Éѯ

ÊÂÇéʱ¼ä£ºÖÜÒ»ÖÁÖÜÎå £¬9:30-18:30 £¬½ÚãåÈÕÐÝÏ¢

QR code
ÍøÕ¾µØͼ