虽然一句话木马所在目录没有可执行权限,但是具有了Apache /sbin/nologin
[[email protected] html]# cat /etc/passwd | grep apache
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
[[email protected] html]#
可以对目录/etc/nginx/conf.d具有读权限,对于apache用户有读权限的目录都可以,查看。
[[email protected] nginx]# cd conf.d/
[[email protected] conf.d]# ll
total 4
-rw-r--r-- 1 root root 380 Feb 22 21:35 mysite.conf
[[email protected] conf.d]# pwd
/etc/nginx/conf.d
[[email protected] conf.d]#
[[email protected] www]# ll -h
total 0
drwxr-xr-x. 2 root root 6 Oct 20 04:39 cgi-bin
drw-r--r-x. 2 root root 56 Mar 1 20:27 html 有执行权限
[[email protected] www]#
以下是
对于上传目录没有可执行权限,连接上去只能查看目录结构
django部署网站ckeditor上传文件默认有可执行权限
django项目
例一:
[[email protected] ckeditor]# ll -h
total 4.0K
drwxrwxr-x. 2 nana nana 4.0K Dec 20 12:28 uploads
[[email protected] ckeditor]#
例二:
[[email protected] blog]# ls
admin.py __init__.py media models.py __pycache__ templates views.py
admin.pyc __init__.pyc migrations models.pyc static tests.py views.pyc
[[email protected] blog]# cd media/
[[email protected] media]# ll -h
total 0
drwxr-xr-x 3 root root 21 Feb 22 12:59 ckeditor
[[email protected] media]# cd ckeditor/
[[email protected] ckeditor]# ls
uploads
[[email protected] ckeditor]# ls -h
uploads
[[email protected] ckeditor]# ll -h
total 0
drwxr-xr-x 2 root root 6 Feb 22 12:59 uploads
[[email protected] ckeditor]#