PHP 8.4.1 Released!

Налаштування під час виконання

На поведінку цих функцій випливають налаштування в php.ini.

Filesystem and Streams Configuration Options
Назва Початково Де можна змінювати Журнал змін
phar.readonly "1" INI_ALL  
phar.require_hash "1" INI_ALL  
phar.cache_list "" INI_SYSTEM  

Тут є коротке пояснення директив конфігурації.

phar.readonly bool

This option disables creation or modification of Phar archives using the phar stream or Phar object's write support. This setting should always be enabled on production machines, as the phar extension's convenient write support could allow straightforward creation of a php-based virus when coupled with other common security vulnerabilities.

Зауваження:

This setting can only be unset in php.ini due to security reasons. If phar.readonly is disabled in php.ini, the user may enable phar.readonly in a script or disable it later. If phar.readonly is enabled in php.ini, a script may harmlessly "re-enable" the INI variable, but may not disable it.

phar.require_hash bool

This option will force all opened Phar archives to contain some kind of signature (currently MD5, SHA1, SHA256, SHA512 and OpenSSL are supported), and will refuse to process any Phar archive that does not contain a signature.

Зауваження:

This setting can only be unset in php.ini. If phar.require_hash is disabled in php.ini, the user may enable phar.require_hash in a script or disable it later. If phar.require_hash is enabled in php.ini, a script may harmlessly "re-enable" the INI variable, but may not disable it.

This setting does not affect reading plain tar files with the PharData class.

Застереження

phar.require_hash does not provide any security per se, it is merely a measure against running accidentially corrupted Phar archives, because anyone who would be able to tamper with the Phar could easily fix the signature afterwards.

phar.cache_list string

Allows mapping phar archives to be pre-parsed at web server startup, providing a performance improvement that brings running files out of a phar archive very close to the speed of running those files from a traditional disk-based installation.

Приклад #1 phar.cache_list usage example

in php.ini (windows):
phar.cache_list =C:\path\to\phar1.phar;C:\path\to\phar2.phar
in php.ini (unix):
phar.cache_list =/path/to/phar1.phar:/path/to/phar2.phar

add a note

User Contributed Notes

There are no user contributed notes for this page.
To Top