-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdockerfile
More file actions
25 lines (21 loc) · 855 Bytes
/
dockerfile
File metadata and controls
25 lines (21 loc) · 855 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
FROM php:8.2-apache
# 启用重写模块
RUN a2enmod rewrite
# 复制项目文件
COPY . /var/www/html/
RUN \
# 1. 敏感文件(flag_dir.txt)仅root可读
chown root:root /var/www/html/flag_dir.txt 2>/dev/null || true && \
chmod 600 /var/www/html/flag_dir.txt 2>/dev/null || true && \
# 2. 生成脚本仅root可执行,执行后删除
chown root:root /var/www/html/generate_flag_dir.php && \
chmod 700 /var/www/html/generate_flag_dir.php && \
# 3. .htaccess 允许www-data读取(否则规则无效)
chown root:www-data /var/www/html/.htaccess && \
chmod 640 /var/www/html/.htaccess && \
# 4. 确保index.php可被Apache执行
chmod 644 /var/www/html/index.php
# 启动命令
CMD php /var/www/html/generate_flag_dir.php && \
rm -f /var/www/html/generate_flag_dir.php && \
apache2-foreground