[21379] in bugtraq
Re: [BUGTRAQ] php breaks safe mode
daemon@ATHENA.MIT.EDU (Steffen Dettmer)
Fri Jul 6 15:19:38 2001
Date: Fri, 6 Jul 2001 10:14:54 +0200
From: Steffen Dettmer <steffen@dett.de>
To: H D Moore <hdm@secureaustin.com>
Cc: Raptor <raptor@0xdeadbeef.eu.org>, bugtraq@securityfocus.com
Message-ID: <20010706101453.B3076@dx.net.de>
Reply-To: Steffen Dettmer <steffen@dett.de>
Mail-Followup-To: Steffen Dettmer <steffen@dett.de>,
H D Moore <hdm@secureaustin.com>, Raptor <raptor@0xdeadbeef.eu.org>,
bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <0107051431420A.00708@sliver>; from hdm@secureaustin.com on Thu, Jul 05, 2001 at 02:31:42PM -0500
Content-Transfer-Encoding: 8bit
* H D Moore wrote on Thu, Jul 05, 2001 at 14:31 -0500:
> On Thursday 05 July 2001 05:11 am, Raptor wrote:
> > What do you exactly intend with "minor impact"?
> I wonder if VirtualHost based user/group directives would keep
> this from happening,
No, this will not have any effects on the server childs, but on
the executed CGI sub-processes. Since its not possible (well, not
without giving up any performance) to setuid at each request
(necessary, since all childs are able to handle any request).
Since PHP runs in the same process, it runs with the same
permissions like all the other childs.
> does anyone on the list know of a way to protect against this?
drop mod_php, use php via CGI with a slightly modified suexec or
add those "shebang" line to your PHP scripts. But this is a
performance issue, since having security is slower here :)
oki,
Steffen
--
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.
