[5029] in WWW Security List Archive
Re: Security issues in Apache?
daemon@ATHENA.MIT.EDU (Jim Carroll)
Fri Apr 11 12:51:07 1997
Date: 11 Apr 97 09:11:59 -0400
From: "Jim Carroll" <PJCARROL@ca.oracle.com>
To: paulp@go2net.com
Cc: www-security@ns2.rutgers.edu, rjc@n2k.com, riddle@is.rice.edu,
petrilli@amber.org
Errors-To: owner-www-security@ns2.rutgers.edu
Paul Phillips wrote:
>On Mon, 7 Apr 1997, Christopher Petrilli wrote:
>
>> If you're running it, I would recommend you run an absolute minimal
>> server on port 80, and run the rest on a totally untrusted port, like
>> 8080, thereby eliminating the need to even start the server as root. This
>> would at least restrict the damage that could be done.
>
>This buys you nothing. A call to setuid() by root gives away its
>root privileges forever and ever. If something so fundamental to
>the Unix permission model did not work properly, you'd be in extremely
>deep water anyway. There is nothing particularly "trusted" about
>port 80 vs. port 8080, it's just a question of who can bind to it.
>
>Are you suggesting that the server on port 80 turn around and issue
>all its requests to port 8080? Even if there were some win to this,
>you couldn't do it unless performance was an irrelevant consideration.
>But, again, this buys you nothing (and introduces an unnecessary layer
>of complexity.)
Something which just sprang to mind: Implement the plug-gw from the TIS
firewall toolkit on port 80, have it plug to localhost:8080. The plug-gw
should be light enough not to bog down the system. If it's a serious
performance problem, split the process running plug-gw onto one host, and the
process running httpd onto another host.
If (effectively) doubling up the traffic on the NIC of the host running
plug-gw is seen to be a performance bottleneck, stick another NIC in the host,
move the httpd host to that new subnet.
Bonus: If you've properly implemented the TIS fwtk, you've now improved the
overall security of the httpd host.
--
Jim Carroll <pjcarrol@ca.oracle.com>
"A great idea, if never mentioned, is just another passing thought."
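As an added illustration of the arrangement discussed above (not code from the thread and not TIS fwtk code), a minimal Python stand-in for a plug: it binds the front port, gives root away irreversibly with setgid()/setuid() as Paul describes, and then only relays bytes to an unprivileged backend such as localhost:8080. The `nobody` account and the echo backend used by the self-test are assumptions.

```python
import os
import pwd
import socket
import threading

# Constructed stand-in for the plug-gw idea from the thread (not fwtk code): bind the
# privileged port as root, drop root for good, then shuffle bytes to an unprivileged backend.

def make_listener(host, port):
    """Bind the front port; with port < 1024 this is the only step that needs root."""
    return socket.create_server((host, port), backlog=16)

def drop_privileges(user="nobody"):
    """Irreversibly drop root (setgid before setuid); returns the new euid."""
    if os.geteuid() == 0:  # no-op when already unprivileged, e.g. during tests
        pw = pwd.getpwnam(user)   # assumed account for the relay to run as
        os.setgroups([])
        os.setgid(pw.pw_gid)
        os.setuid(pw.pw_uid)
    return os.geteuid()

def pump(src, dst):
    """Copy bytes one way until EOF, then pass the EOF on to the other side."""
    try:
        while data := src.recv(4096):
            dst.sendall(data)
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def plug(client, target):
    """Relay one accepted client to target=(host, port) in both directions."""
    with client, socket.create_connection(target) as back:
        t = threading.Thread(target=pump, args=(back, client), daemon=True)
        t.start()
        pump(client, back)
        t.join()

def roundtrip_demo(payload):
    """Echo backend on an ephemeral port, the plug in front of it, one client."""
    back, front = make_listener("127.0.0.1", 0), make_listener("127.0.0.1", 0)
    # echo backend: accept one connection and pump it back onto itself
    threading.Thread(target=lambda: pump(*[back.accept()[0]] * 2), daemon=True).start()
    threading.Thread(target=lambda: plug(front.accept()[0], back.getsockname()), daemon=True).start()
    with socket.create_connection(front.getsockname()) as c:
        c.sendall(payload)
        c.shutdown(socket.SHUT_WR)            # client done sending; wait for the echo
        return b"".join(iter(lambda: c.recv(4096), b""))
```

In a real deployment `make_listener` would be called on port 80 before `drop_privileges()`, and the backend would be the httpd on localhost:8080 rather than the echo stub.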