httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dean Gaudet <dgau...@hyperreal.com>
Subject cvs commit: apache/htdocs/manual/mod core.html mod_userdir.html
Date Sun, 16 Mar 1997 23:34:04 GMT
dgaudet     97/03/16 15:34:03

  Modified:    htdocs/manual/misc  security_tips.html
               htdocs/manual/mod  core.html mod_userdir.html
  Log:
  Add security notes about protecting /, and avoiding "UserDir ./".
  
  Submitted by:	Ken Coar
  
  Revision  Changes    Path
  1.6       +73 -4     apache/htdocs/manual/misc/security_tips.html
  
  Index: security_tips.html
  ===================================================================
  RCS file: /export/home/cvs/apache/htdocs/manual/misc/security_tips.html,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -C3 -r1.5 -r1.6
  *** security_tips.html	1997/02/03 01:40:50	1.5
  --- security_tips.html	1997/03/16 23:34:01	1.6
  ***************
  *** 1,17 ****
    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <HTML>
    <HEAD>
  ! <TITLE>Apache HTTP Server Documentation</TITLE>
    </HEAD>
    
    <BODY>
    <!--#include virtual="header.html" -->
  ! <H1>Security tips for server configuration</H1>
    
    <hr>
    
    <P>Some hints and tips on security issues in setting up a web server. Some of
  ! the suggestions will be general, other, specific to Apache
    
    <HR>
    
  --- 1,17 ----
    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <HTML>
    <HEAD>
  ! <TITLE>Apache HTTP Server: Security Tips</TITLE>
    </HEAD>
    
    <BODY>
    <!--#include virtual="header.html" -->
  ! <H1>Security Tips for Server Configuration</H1>
    
    <hr>
    
    <P>Some hints and tips on security issues in setting up a web server. Some of
  ! the suggestions will be general, others specific to Apache.
    
    <HR>
    
  ***************
  *** 21,27 ****
    <a href="../mod/core.html#user"><b>User</b></a> directive.  Anyone
who
    has write permission for the directory where any log files are
    being written to can append pseudo-arbitrary data to any file on the
  ! system which is writable to the user who starts Apache.  Since the
    server is normally started by root, you should <EM>NOT</EM> give anyone
    write permission to the directory where logs are stored unless you
    want them to have root access. 
  --- 21,27 ----
    <a href="../mod/core.html#user"><b>User</b></a> directive.  Anyone
who
    has write permission for the directory where any log files are
    being written to can append pseudo-arbitrary data to any file on the
  ! system which is writable by the user who starts Apache.  Since the
    server is normally started by root, you should <EM>NOT</EM> give anyone
    write permission to the directory where logs are stored unless you
    want them to have root access. 
  ***************
  *** 95,100 ****
  --- 95,169 ----
    
    This stops all overrides, Includes and accesses in all directories apart
    from those named.<p>
  + <HR>
  + <H2>
  +  Protect server files by default
  + </H2>
  + <P>
  + One aspect of Apache which is occasionally misunderstood is the feature
  + of default access.  That is, unless you take steps to change it, if the
  + server can find its way to a file through normal URL mapping rules, it
  + can serve it to clients.
  + </P>
  + <P>
  + For instance, consider the following example:
  + </P>
  + <OL>
  +  <LI><SAMP># cd /; ln -s / public_html</SAMP>
  +  </LI>
  +  <LI>Accessing <SAMP>http://localhost/~root/</SAMP>
  +  </LI>
  + </OL>
  + <P>
  + This would allow clients to walk through the entire filesystem.  To work
  + around this, add the following block to your server's configuration:
  + </P>
  + <PRE>
  +  &lt;Directory /&gt;
  +      Order deny,allow
  +      Deny from all
  +  &lt;/Directory&gt;
  + </PRE>
  + <P>
  + This will forbid default access to filesystem locations.  Add
  + appropriate
  + <A
  +  HREF="../mod/core.html#directory"
  + ><SAMP>&lt;Directory&gt;</SAMP></A>
  + blocks to allow access only
  + in those areas you wish.  For example,
  + </P>
  + <PRE>
  +  &lt;Directory /usr/users/*/public_html&gt;
  +      Order deny,allow
  +      Allow from all
  +  &lt;/Directory&gt;
  +  &lt;Directory /usr/local/httpd&gt;
  +      Order deny,allow
  +      Allow from all
  +  &lt;/Directory&gt;
  + </PRE>
  + <P>
  + Pay particular attention to the interactions of
  + <A
  +  HREF="../mod/core.html#location"
  + ><SAMP>&lt;Location&gt;</SAMP></A>
  + and
  + <A
  +  HREF="../mod/core.html#directory"
  + ><SAMP>&lt;Directory&gt;</SAMP></A>
  + directives; for instance, even if <SAMP>&lt;Directory /&gt;</SAMP>
  + denies access, a <SAMP>&lt;Location /&gt;</SAMP> directive might
  + overturn it.
  + </P>
  + <P>
  + Also be wary of playing games with the
  + <A
  +  HREF="../mod/mod_userdir.html#userdir"
  + >UserDir</A>
  + directive; setting it to something like <SAMP>&quot;./&quot;</SAMP>
  + would have the same effect, for root, as the first example above.
  + </P>
    
    <HR>
    <P>Please send any other useful security tips to
  
  
  
  1.39      +24 -0     apache/htdocs/manual/mod/core.html
  
  Index: core.html
  ===================================================================
  RCS file: /export/home/cvs/apache/htdocs/manual/mod/core.html,v
  retrieving revision 1.38
  retrieving revision 1.39
  diff -C3 -r1.38 -r1.39
  *** core.html	1997/02/23 00:42:33	1.38
  --- core.html	1997/03/16 23:34:02	1.39
  ***************
  *** 315,320 ****
  --- 315,344 ----
    <li>Apply any FileInfo directives in <code>/home/web/.htaccess</code>
    </menu>
    
  + <P>
  + <STRONG>
  + Note that the default Apache access for &lt;Directory /&gt; is
  + <SAMP>Allow from All</SAMP>.  This means that Apache will serve any file
  + mapped from an URL.  It is recommended that you change this with a block
  + such as
  + </STRONG>
  + <PRE>
  +  &lt;Directory /&gt;
  +      Order Deny,Allow
  +      Deny from All
  +  &lt;/Directory&gt;
  + </PRE>
  + <P>
  + <STRONG>
  + and then override this for directories you <EM>want</EM> accessible.
  + See the
  + <A
  +  HREF="../misc/security_tips.html"
  + >Security Tips</A>
  + page for more details.
  + </STRONG>
  + </P>
  + 
    The directory sections typically occur in the access.conf file, but they
    may appear in any configuration file. &lt;Directory&gt; directives cannot
    nest, and cannot appear in a <A HREF="#limit">&lt;Limit&gt;</A> section.
  
  
  
  1.5       +17 -0     apache/htdocs/manual/mod/mod_userdir.html
  
  Index: mod_userdir.html
  ===================================================================
  RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_userdir.html,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -C3 -r1.4 -r1.5
  *** mod_userdir.html	1997/02/25 03:57:48	1.4
  --- mod_userdir.html	1997/03/16 23:34:02	1.5
  ***************
  *** 46,51 ****
  --- 46,68 ----
    UserDir http://www.foo.com/~*/     -> http://www.foo.com/~bob/one/two.html
    </pre>
    
  + <P>
  + <STRONG>
  + Be careful when using this directive; for instance, <SAMP>&quot;UserDir
  + ./&quot;</SAMP> would map <SAMP>&quot;/~root&quot;</SAMP>
to
  + <SAMP>&quot;/&quot;</SAMP> - which is probably undesirable.  See also
  + the
  + <A
  +  HREF="core.html#directory"
  + >&lt;Directory&gt;</A>
  + directive and the
  + <A
  +  HREF="../misc/security_tips.html"
  + >Security Tips</A>
  + page for more information.
  + </STRONG>
  + </P>
  + 
    <!--#include virtual="footer.html" -->
    </BODY>
    </HTML>
  
  
  

Mime
View raw message