Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour

To: Reco <recoverym4n@gmail.com>
Cc: Debian User <debian-user@lists.debian.org>
Subject: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
From: Raffaele Morelli <raffaele.morelli@gmail.com>
Date: Tue, 24 Dec 2013 09:00:59 +0100
Message-id: <[🔎] CAD4guxNbOBgFqXPofcJHg0W9Swfv4r_7hGJN-iTxr-FLJu-eyQ@mail.gmail.com>
In-reply-to: <[🔎] 20131224115409.10889818aead08a56e8f34e7@gmail.com>
References: <[🔎] CAKkTUv2hUccoNBJ-UX1E=aqkdT9JSoVddG9mcVxgxQjE3qCzFQ@mail.gmail.com> <[🔎] CAKkTUv1-Z8idHwRYTO9=SAHmRZsFyEHGoDzVm5_3g3Mg-xNbPg@mail.gmail.com> <[🔎] CAKkTUv0p5wvswzRn6+g2w64gc5oE+fVRZtgJsVKmdPPhRyN9qQ@mail.gmail.com> <[🔎] CAD4guxO2TOCk4a78SS9EyhJUz1v-ZCF2njcDOQx5EiEerRObDQ@mail.gmail.com> <[🔎] 52B87600.2030007@nuagelibre.org> <[🔎] CAD4guxPGvPMp52sgQASdr6K8-TG77jksTSrh48-Q9BZBXhNHDA@mail.gmail.com> <[🔎] 20131224115409.10889818aead08a56e8f34e7@gmail.com>

2013/12/24 Reco <recoverym4n@gmail.com>

Hi.

On Tue, 24 Dec 2013 08:47:17 +0100
Raffaele Morelli <raffaele.morelli@gmail.com> wrote:

> I think you should read man pages on shells and privileges first and what a
> user can do.

Can you elaborate please how exactly serving root-owned file with
apache is a bad thing for security?

php script is owned by root -> full system access

now, try `su - www-data` and have a look at the shell you are in.

there you are if you can get it.

Reco

Reply to:

Follow-Ups:
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Reco <recoverym4n@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: PaulNM <debian@paulscrap.com>

References:
- Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Lukasz Szybalski <szybalski@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Lukasz Szybalski <szybalski@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Lukasz Szybalski <szybalski@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Gilles Mocellin <gilles.mocellin@nuagelibre.org>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Raffaele Morelli <raffaele.morelli@gmail.com>
- Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
  - From: Reco <recoverym4n@gmail.com>

Prev by Date: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
Next by Date: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
Previous by thread: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
Next by thread: Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour
Index(es):
- Date
- Thread