jdd wrote:
On 14/12/2016 at 07:40, Per Jessen wrote:
aha, I see. So the weakness is clearly in the gallery software.
Maybe the software uses some "ftp like" PHP functions, I dunno.
With a webserver, I think there are only two options - file upload with POST or some sort of webDAV.
ftp is easy to set up so it is safe to use
it's not the reputation it has
Maybe due to poorly skilled admins. I have had a few vsftpd setups running over a few years, no problems.
In fact I just noticed this piwigo version is the only one I have that is set up in a personal account (user/public_html). The others are unaffected. It's easy to see because the attacker added files on the install that are easy to look at
if this is an ongoing problem, apparmor could probably help you.
dunno how, if the attacker uses "official" disk access methods
Well, either it's "official" or it's "unofficial". Assuming you're running apache under 'wwwrun', it's easy to control where wwwrun is allowed to write to.

--
Per Jessen, Zürich (1.1°C)
http://www.dns24.ch/ - free dynamic DNS, made in Switzerland.
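An added illustration of the last point, not part of the thread and not written by either poster: a small Python audit that lists what a given account, such as the 'wwwrun' user mentioned above, could modify under a web root. It judges by classic Unix mode bits only (no ACLs, no AppArmor); the sample tree, the stand-in uid and the function names are constructed for the example.

```python
import os
import stat
import tempfile

def can_modify(st, uid, gids):
    """True if the account may change this object, by owner/group/other mode bits."""
    # Files need write; directories need write+search to create or delete entries.
    need = 0o3 if stat.S_ISDIR(st.st_mode) else 0o2
    if st.st_uid == uid:
        shift = 6          # owner class
    elif st.st_gid in gids:
        shift = 3          # group class
    else:
        shift = 0          # other class
    return ((st.st_mode >> shift) & need) == need

def writable_paths(root, uid, gids):
    """Sorted paths (relative to root) that uid/gids could write to."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue   # the link itself is not a write target
            if can_modify(st, uid, gids):
                hits.append(os.path.relpath(path, root))
    return sorted(hits)

def demo():
    """Build a constructed gallery tree and audit it for a foreign account."""
    root = tempfile.mkdtemp()
    layout = {"gallery": 0o755, "gallery/upload": 0o777, "gallery/local": 0o755}
    for rel, mode in layout.items():
        os.mkdir(os.path.join(root, rel))
        os.chmod(os.path.join(root, rel), mode)
    for rel, mode in {"gallery/index.php": 0o644,
                      "gallery/local/config.php": 0o666}.items():
        path = os.path.join(root, rel)
        with open(path, "w") as fh:
            fh.write("<?php // constructed sample\n")
        os.chmod(path, mode)
    # Stand-in for the web server account: a uid that owns nothing in the tree.
    # On a real host use pwd.getpwnam("wwwrun") and os.getgrouplist() instead.
    foreign_uid = os.lstat(root).st_uid + 1
    return writable_paths(root, foreign_uid, set())

if __name__ == "__main__":
    for rel in demo():
        print("web server account can write:", rel)
```

Anything the audit reports outside the intended upload directory is a candidate for tighter permissions or an AppArmor rule.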