php ¼³Ä¡ Àü¿¡ ¼öÈ£½Å ÆÐÄ¡Çϱâ

 

¼öÈ£½Å ´Ù¿î·Îµå »çÀÌÆ®(http://www.hardened-php.net/suhosin/download.html)¿¡¼­ ¼³Ä¡ÇÏ·Á´Â php ¹öÀü°ú °°Àº

ÆÐÄ¡ÆÄÀÏÀ» ´Ù¿î¹Þ´Â´Ù.

±×·± ÈÄ php ¼Ò½º ÆÄÀÏÀ» ÆÐÄ¡ÇÏ¿© ÁØ´Ù.

   
 # tar xvzf php-5.2.9.tar.gz 
# wget http://download.suhosin.org/suhosin-patch-5.2.9-0.9.7.patch.gz
# gzip suhosin-patch-5.2.9-0.9.7.patch.gz
# cd php-5.2.9

# patch -p1 -i ../suhosin-patch-5.2.9-0.9.7.patch
  
   
ÀÌÈÄ php ÄÄÆÄÀÏ ÇÒ ¶§ configure¿¡¼­ --enable-suhosin ÇØÁÖ¸é µÈ´Ù.

 


ÀͽºÅÙ¼Ç ¼³Ä¡Çϱâ

   
 # wget http://download.suhosin.org/suhosin-0.9.29.tgz
# tar xvzf suhosin-0.9.29.tgz
# cd suhosin-0.9.29
# /usr/local/php/bin/phpize
# ./configure --prefix=/usr/local/suhosin --with-php-config=/usr/local/php/bin/php-config
# make
# make install 
 

Installing shared extensions:     /usr/local/php5/lib/php/extensions/no-debug-non-zts-20060613/
  
   
/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613 µð·ºÅ丮¿¡ suhosin.so ÆÄÀÏÀÌ »ý¼º.

php modules µð·ºÅ丮·Î À̵¿½ÃÅ°°Å³ª, suhosin ÀͽºÅÙ¼Ç µð·ºÅ丮¸¦ ÁöÁ¤ÇØÁְųª Çؼ­ php.ini¿¡ µî·Ï.

php.ini

   
 # mv /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/suhosin.so /usr/local/php/modules/ 
# vi /usr/local/php/lib/php.ini

 

extension=suhosin.so

 

¶Ç´Â

 

[Suhosin]
extension_dir=/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/
extension=suhosin.so
  
   
phpinfo()·Î ¼³Ä¡°¡ Á¤»óÀûÀ¸·Î µÇ¾ú´ÂÁö È®ÀÎ.
"This server is protected with the Suhosin Extension 0.9.29"" ¹®±¸¿Í ÇÔ²² Çѱ۷ΠµÈ ¼öÈ£½Å ·Î°í°¡ º¸ÀÎ´Ù¸é ¼º°ø.
[Ãâó] php ¼öÈ£½Å ¼³Ä¡ |ÀÛ¼ºÀÚ Áñ°Å¿î¸Ç