我想在我的VPS上使用drush进行drupal维护任务。但是我已经从我安装的firewall的自测结果的建议中禁止了php的exec()。 Drush显然想要这个特权,我已经看到了三个选项来完成这项工作。
我的帐户是Linux VPS上唯一的管理员,我不打算更改它。我是VPS及其安全问题的新手。请告知哪个选项提供更安全的方法。
终端输出:
>exec() has been disabled for security reasons bootstrap.inc:639 [warning]
The following restricted PHP modes have non-empty values: [error]
disable_functions and magic_quotes_gpc. This configuration is
incompatible with drush. Please check your configuration settings in
/usr/local/lib/php.ini or in your drush.ini file; see
examples/example.drush.ini for details.
exec() has been disabled for security reasons exec.inc:150 [warning]
exec() has been disabled for security reasons exec.inc:150 [warning]
exec() has been disabled for security reasons exec.inc:150 [warning]
unlink(/home/site1/drush/lib/package.xml): No such file or [warning]
directory drush.inc:798
The drush command 'status' could not be found. Run `drush [error]
cache-clear drush` to clear the commandfile cache if you have
installed new extensions.
Drush needs a copy of the PEAR Console_Table library in order to [error]
function, and the attempt to download this file automatically failed.
To continue you will need to download the 1.1.3 package from
http://pear.php.net/package/Console_Table, extract it into
/home/site1/drush/lib directory, such that Table.php exists at
/home/site1/drush/lib/Console_Table-1.1.3/Table.php.
答案 0 :(得分:1)
PHP有许多内置或通过扩展可用的功能。但是,在某些情况下,库或应用程序被设计为调用外部程序。如果没有exec,那些软件包根本就不起作用,所以你可以选择允许使用exec或者不使用有问题的软件包。
忘掉safe_mode:它已被弃用,即将完全删除。
exec本身的使用本身并不是不安全的 - 当程序没有正确地清理输入时,或者代码编写的方式允许人们以一种不打算调用代码的方式来调用exec代表问题。由于Drush是一个管理实用程序,因此您已经预计这只会由受信任的用户运行。我的意思是 - 它包括让你输入你想要的任何PHP代码和evals()它!