You might want to review basic unix security.
Many files on the system HAVE to be world readable (like /etc/password, how else
can you check your UID/GID, etc?). You can also do this with server side
includes. This is why for apache you restrict cgi's to a certain dir and audit
them. Users can also do fork bombs, like wow, stupendous, amazing, you are
allowed to run potentially malicious code on a machine and it can do bad things,
this is hardly news. You might want to look into chrooting your apache server
(in which case you still need stub /etc/passwd, /etc/group, and so on files) or
using something like subdomain.
Kurt Seifried, seifried@securityportal.com
Securityportal - your focal point for security on the 'net
----- Original Message -----
From: "Matthias Auchmann"
Hi all !
I hope this is the right list to discuss this, but I think it's a real security problem:
What's wrong with my apache ? From a skript like:
#!/usr/bin/perl print "Content-Type: text/html\n\n"; open HUGO, "/etc/httpd/httpd.conf"; while ($a = <HUGO>) { print $a; }
or
<?php if (!$i) $i = "/etc/passwd"; readfile($i); print $i; ?>
I can publish the whole system, every config file, firewall-rules that are world-readable ... everything. and lots of files are, by default, world-readable ... I could start to make all of them NOT world readable, but isn't there another way ?
Any hints ?
thnx ... _____
Sent through Master Auchi Mail Systems http://www.masterauchi.com - powered by Linux
-
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com