权限“公共”文件夹 Laravel
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/34462499/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Permissions "public" folder Laravel
提问by Hugo
So I have the following folder organization in my Laravel project:
所以我的 Laravel 项目中有以下文件夹组织:
- public
- user_images
- group_images
- img
- css
- vendor
- etc ...
- 民众
- 用户图像
- group_images
- 图片
- css
- 小贩
- 等等 ...
So my problem is, when a user uploads an image I move it to the folder user_image and then I use the Intervention Imageto make it smaller, I use Image::make(#folder), then re size it and at last I save it. But to do that the folder user_image needs special permissions, with chmod 777i can make it work, but I think it's a security breach if I leave the folder with 777 permissions.
所以我的问题是,当用户上传图像时,我将其移动到文件夹 user_image,然后使用干预图像将其缩小,使用 Image::make(#folder),然后重新调整大小,最后保存它。但是要做到这一点,文件夹 user_image 需要特殊权限,使用chmod 777我可以让它工作,但我认为如果我让文件夹具有 777 权限,这是一个安全漏洞。
Should I leave the folder with 777 permissions or shouldn't? Why?
我应该保留 777 权限的文件夹还是不应该?为什么?
Thanks.
谢谢。
回答by Vojko
I would suggest that you leave 777 chmod if it is only images but also place an empty php file called "index.php" inside that folder that will redirect all incoming connection to the root.
如果它只是图像,我建议您保留 777 chmod,但还要在该文件夹中放置一个名为“index.php”的空 php 文件,该文件会将所有传入连接重定向到根目录。
回答by Buglinjo
web user can't do any harm with 777 access in photos folder, so leave it.
网络用户不会对照片文件夹中的 777 访问造成任何伤害,因此请保留它。
