Mailinglist Archive: opensuse-security (394 mails)

< Previous Next >
PHP safe mode problems...
  • From: Jose de Paula Eufrásio Junior <jjunior@xxxxxxxxxx>
  • Date: Tue, 09 Dec 2003 09:58:05 -0200
  • Message-id: <3FD5B8CD.2030103@xxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello.

I got a defacing in my domains this weekend. They used and php shell to
run some processes in the machine and replace all
index.(html|shtml|php). They changed my users password too, and let a
process in the /tmp dir running on port 80.

The thing is, if I turn on PHP Safe Mode, webmail and applications stop
working (includes and execs).

There's some way to secure PHP and don't lose half of it's funcionality?


[]s
core

- --
Jos? de Paula Eufr?sio J?nior
Analista de Sistema | CPD
ProInternet do Brasil
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

iD8DBQE/1bjNuux+hAffZfsRAnMGAJ4utuZmJ5mkK0wg5qaXQVAAyePLAwCfRKWR
QKOI+DBUs9NYAKKnK/jv3tY=
=TiPv
-----END PGP SIGNATURE-----


< Previous Next >
References