[2184] in bugtraq
Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995
daemon@ATHENA.MIT.EDU (Panzer Boy)
Thu Aug 31 20:11:33 1995
Date: Thu, 31 Aug 1995 16:25:58 -0400
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Panzer Boy <panzer@dhp.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
Perry E. Metzger (perry@piermont.com) wrote:
: > I want to check my linux and my ISP's FreeBSD. Bugtraq is FULL
: > DISCLOSURE !! So, please post source/ scripts now !
: I don't see that you need an exploit script to check this. Simply
: checking your implementation of syslog(3) is enough. If you can't read
: C source code, well, sorry.
Originally when this came out, no one even had a test to see if your were
attackable. It did show up shortly after that, though I'm not sure if I
actually saw it on bugtraq or elsewhere.
And most people can't legally check to see if there syslog is attackable
by reading source code, as many vendors don't give you source code.
Please don't reply with the "so don't buy those vendors code", because
bugtraq isn't about religous warfare over OS's and which Editor is better.
OB BugTraq, does a user making a "~/public_html/root_dir -> /" link do
what you think it does on your web server? Maybe this isn't a hot
idea... Even worse if you nfs mount users pages via a web server that
does other tasks also...
Try adding this to "access.conf" on apache 0.8.11 or ncsa 1.4 (not sure
about how CERN handles this). "SymLinksIfOwnerMatch" is only vaguely
documented.
<Directory /*/public_html*>
AllowOverride None
Options Indexes SymLinksIfOwnerMatch
</Directory>
--
-Matt (panzer@dhp.com) DI-1-9026
"That which can never be enforced should not be prohibited."
