[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Possible bug in PHPNuke and other CMS

To: Bugtraq <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Re: Possible bug in PHPNuke and other CMS
From: BlueRaven <blue@xxxxxxxxxxxxxxxxxx>
Date: Fri, 4 Jun 2004 14:25:07 +0200

Il giorno 01/giu/04, alle 19:13, Luca Falavigna ha scritto:

File permissions must always permit execution of php pages by web
servers. And symlink is followed and code executed because web servers
must have access to that directory and code. We can operate with php
security options too and obtain the same result but what if we cannot
modify them? We are uncovered!!!

Agreed, but I think that, in this case, the real problem would be an insecure configuration of the underlying webserver: any security-aware administrator should configure it to NOT follow symlinks or, at last, follow them if and only if the destination file belongs to the same user (SymLinksIfOwnerMatch directive in Apache).

--
BlueRaven

Did you know that, if you play a Windows 2000 CD backwards,
you will hear the voice of Satan? That's nothing!
If you play it forward, it will install Windows 2000!!!

References:
- Possible bug in PHPNuke and other CMS
  - From: Luca Falavigna
- Re: Possible bug in PHPNuke and other CMS
  - From: Alexander GQ Gerasiov
- Re: Possible bug in PHPNuke and other CMS
  - From: Luca Falavigna

Prev by Date: RE: PING: Outlook 2003 Spam
Next by Date: Re: Format String Vulnerability in Tripwire
Previous by thread: Re: Possible bug in PHPNuke and other CMS
Next by thread: LinkSys WRT54G administration page availble to WAN
Index(es):
- Date
- Thread