Re: security issues with apache!

To: debian-security@lists.debian.org
Subject: Re: security issues with apache!
From: Jon Dowland <lists@alcopop.org>
Date: Tue, 7 Mar 2006 12:29:30 +0000
Message-id: <[🔎] 20060307122930.GE13927@alcopop.org>
In-reply-to: <440D5F25.4090800@isecore.net>
References: <440D5F25.4090800@isecore.net>

At 1141730613, Petter Senften wrote:
> Recently I've noticed that my Apache-installation gets
> violated and that an intruder somehow manages to put stuff
> in /tmp and /var/tmp.  Then it makes Apache execute these.

Do you have mod_cgi installed and activated? If you are not
using it, disable it.

If the trouble-maker is executing things via PHP scripts,
you can stop them by disabling the exec and related
functions in PHP. The following line in /etc/php.ini would
do it for example:

disable_functions = system, exec, shell_exec, passthru, popen, pcntl_exec, openlog 

Alternatively turning on "safe mode" does this, I believe.

-- 
Jon Dowland
http://alcopop.org/

Reply to:

Prev by Date: Re: security issues with apache!
Next by Date: Re: security issues with apache!
Previous by thread: Re: security issues with apache!
Next by thread: unsubscribe
Index(es):
- Date
- Thread