Re: [BUGTRAQ] php breaks safe mode

From: Steffen Dettmer (steffenat_private)
Date: Thu Jul 05 2001 - 14:53:01 PDT


    * Joost Pol wrote on Tue, Jul 03, 2001 at 02:04 +0200:
    > On Mon, Jul 02, 2001 at 03:12:43PM -0700, Joe Harris wrote:
    > 
    > 1. User could obtain the uid of the webserver. (nobody access)
    > [...] the impact would be minor.
    
    Usually the Webserver is able to read the sources of the PHP
    scripts. PHP scripts may include passwords for database access.
    Since PHP is usually mod_php and not suexec'd, this seems to be a
    common problem. With account to such databases really important
    damage could be done!
    
    Elevated privileges are never "minor" issues IMHO.
    
    oki,
    
    Steffen
    
    -- 
    This letter was generated by machine,
    it therefore bears neither signature nor seal.
    


