
Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour




2013/12/24 PaulNM <debian@paulscrap.com>


On 12/24/2013 03:00 AM, Raffaele Morelli wrote:
>
> 2013/12/24 Reco <recoverym4n@gmail.com>
>
>      Hi.
>
>     On Tue, 24 Dec 2013 08:47:17 +0100
>     Raffaele Morelli <raffaele.morelli@gmail.com> wrote:
>
>     > I think you should read man pages on shells and privileges first and what a
>     > user can do.
>
>     Can you elaborate please how exactly serving root-owned file with
>     apache is a bad thing for security?
>
>
> php script is owned by root -> full system access

No, php script *RUN* by root -> full system access

php script run by www-data -> access to what www-data has access to.

Yes, I missed this point.

BTW, as I don't want to rewrite someone else's system security rules, let's say that: MY best practice is to have www-data or any other NON-root user as the scripts' owner.

/r
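
The distinction drawn in this thread, who owns a script versus which account runs it, can be checked on a live system. As an added example that is not part of any message in the thread: a Python audit listing what a given account such as www-data could modify under a web root. It evaluates POSIX mode bits only (ACLs, read-only mounts and immutable flags are ignored), and the `/var/www` default is an assumption.

```python
import os
import stat
import sys

def can_write(mode, file_uid, file_gid, uid, gids):
    """POSIX mode-bit check: may a process running as uid/gids write this inode?"""
    if uid == 0:
        return True                       # root is not limited by mode bits
    if uid == file_uid:
        return bool(mode & stat.S_IWUSR)  # owner class only, even if others allow
    if file_gid in gids:
        return bool(mode & stat.S_IWGRP)  # group class only
    return bool(mode & stat.S_IWOTH)

def writable_paths(root, uid, gids):
    """Return sorted files and directories under root that uid/gids can modify.

    A writable directory matters as much as a writable file: entries in it
    can be replaced regardless of who owns them (unless the sticky bit is set).
    """
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in filenames]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue                  # symlink modes are not meaningful
            if can_write(st.st_mode, st.st_uid, st.st_gid, uid, gids):
                hits.append(path)
    return sorted(hits)

if __name__ == "__main__":
    import pwd
    # Assumptions: account name and docroot; override on the command line.
    account = sys.argv[1] if len(sys.argv) > 1 else "www-data"
    docroot = sys.argv[2] if len(sys.argv) > 2 else "/var/www"
    pw = pwd.getpwnam(account)
    groups = set(os.getgrouplist(pw.pw_name, pw.pw_gid))
    for p in writable_paths(docroot, pw.pw_uid, groups):
        print(p)
```

Every path it prints is something a script running as that account could alter; an empty result for the web server account means a compromised script cannot rewrite the site's own code.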


