Re: Attack using php+apache

To: debian-security <debian-security@lists.debian.org>
Subject: Re: Attack using php+apache
From: Adam ENDRODI <borso@vekoll.saturnus.vein.hu>
Date: Sun, 16 Nov 2003 12:32:34 +0100
Message-id: <[🔎] 20031116113234.GA10671@ildicow.saturnus.vein.hu>
In-reply-to: <[🔎] 20031116034314.GL10972@posixnap.net>
References: <[🔎] Pine.LNX.4.58.0311152104110.7438@lia.ufc.br> <[🔎] 20031116021134.GC686@nova.vor.em.ca> <[🔎] 20031116034314.GL10972@posixnap.net>

On Sat, Nov 15, 2003 at 10:43:14PM -0500, Alex J. Avriette wrote:
> On Sat, Nov 15, 2003 at 08:11:34PM -0600, Tom Goulet (UID0) wrote:
> 
> > If you have register globals off *or* safe mode on, this particular
> > exploit is useless.
> 
> > If you had register globals on and safe mode off then he could run
> > arbitrary programs as your Apache user.  It's possible he could run a
> > local root exploiting program, but that's not as likely.
> 
> It really irritates me that people continue to use this when the
> php.ini file repeatedly warns (no, begs) you not to.

FWIW, having register globals off sometimes gives a false sense
of security.  Recently, I've discovered that PHP-Nuke just seems
to work well with this setting, because it circumventes it by
calling import_request_variables('GPC').  I'm less than happy
about PHP.

bit,
adam

-- 
1024D/37B8D989 954B 998A E5F5 BA2A 3622  82DD 54C2 843D 37B8 D989      
finger://borso@vekoll.vein.hu | Some days, my soul's confined
http://www.keyserver.net | And out of mind
Sleep forever

Reply to:

References:
- Attack using php+apache
  - From: Carlos Eduardo Araujo Vieira <carllos@lia.ufc.br>
- Re: Attack using php+apache
  - From: "Tom Goulet (UID0)" <uid0@em.ca>
- Re: Attack using php+apache
  - From: "Alex J. Avriette" <alex@posixnap.net>

Prev by Date: Re: Attack using php+apache
Next by Date: What's the best for VPN?
Previous by thread: Re: Attack using php+apache
Next by thread: Re: Attack using php+apache
Index(es):
- Date
- Thread