RE: Attack using php+apache
I recommend using SuPHP to avoid run-as-apache problems:
"suPHP is a tool for executing PHP scripts with the permissions of their
owners. It consists of an Apache module (mod_suphp) and a setuid root
binary (suphp) that is called by the Apache module to change the uid of
the process executing the PHP interpreter. "
From: Adam ENDRODI [mailto:firstname.lastname@example.org]
Sent: Sunday, November 16, 2003 12:33 PM
Subject: Re: Attack using php+apache
On Sat, Nov 15, 2003 at 10:43:14PM -0500, Alex J. Avriette wrote:
> On Sat, Nov 15, 2003 at 08:11:34PM -0600, Tom Goulet (UID0) wrote:
> > If you have register globals off *or* safe mode on, this particular
> > exploit is useless.
> > If you had register globals on and safe mode off then he could run
> > arbitrary programs as your Apache user. It's possible he could run
> > local root exploiting program, but that's not as likely.
> It really irritates me that people continue to use this when the
> php.ini file repeatedly warns (no, begs) you not to.
FWIW, having register globals off sometimes gives a false sense
of security. Recently, I've discovered that PHP-Nuke just seems
to work well with this setting, because it circumventes it by
calling import_request_variables('GPC'). I'm less than happy
1024D/37B8D989 954B 998A E5F5 BA2A 3622 82DD 54C2 843D 37B8 D989
finger://email@example.com | Some days, my soul's confined
http://www.keyserver.net | And out of mind
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact