Re: HELP!!!, can't login even as root
On Mon, 2004-11-22 at 23:54, Antonio Rodriguez wrote:
[...]
> I will need to use uploading of pictures in a website, and it seems to
> me that this was the window used by (who/what)ever entered. Do you
> have any recommendations about security measures related to this?
> May creating some chroot environment, and then "file
> pic" and make a decision from there, who knows. Any pointers to this
> will be greatly appreciated.
Check out the november 2004 issue (# 48) of linux magazine
(https://www.linux-magazine.com/issue/48), it has an article on securing
PHP scripts/servers which you might find interesting. Among other
things it explains that "Safe_mode" isn't as safe as the name suggests.
ATM the article isn't available online so I'll include the URL's of the
article:
[1] PHP documentation: http://www.php.net/docs.php
[2] Manual on PHP security:
http://de2.php.net/manual/de/security.index.php
[3] Marc Heuse, "Installing a Secure Web Server":
http://www.suse.de/de/private/support/online_help/howto/secure_webserv/
[4] Criticism of PHP safe_mode:
http://ilia.ws/archives/18_PHPs_safe_mode_or_how_not_to_implement_security.html
HTH
Bram
--
# Mertens Bram "M8ram" <bram-mertens@linux.be> Linux User #349737 #
# SuSE Linux 8.2 (i586) kernel 2.4.20-4GB i686 512MB RAM #
# 1:49pm up 10 days 4:32, 11 users, load average: 0.15, 0.23, 0.10 #
Reply to: