httpd-dev mailing list archives

From ras...@madhaus.utcs.utoronto.ca
Subject Re: Authentication
Date Tue, 04 Jun 1996 20:30:11 GMT
> But, an attack would be to find something that kills Apache, and keep
> killing it until a process id comes around which is still in the id tree,
> because the main server hasn't cleaned it up yet, then bang, you're in.
> 
> I can't instantly think of a way around that.

That's not quite a "bang, you are in" attack.  That would take quite some
doing.  In the time it would take to roll the pids and be lucky enough to
hit a pid in the id tree, I am sure that the real process or its parent
would have enough time to clean itself up.  When an httpd exits for
whatever reason, it should take its pid entry in the pid tree table with it.
The top httpd could also do the occasional sanity check on the pid tree
list by checking if each pid actually corresponds to a live process and if
it doesn't, remove the entry.

The bigger problem with this mechanism is to figure out a place to actually
store this pid tree table in such a way that child httpd processes can write
to it while not allowing the bad guys to do so.  One solution would be to
pass the open file descriptor from the top process, but that brings on a 
whole other porting nightmare.

-Rasmus
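
Added example, not part of the original message or of Apache's code: a sketch of the "occasional sanity check" described above, where the top process probes each recorded pid and drops entries with no live process. The table layout and the names pid_table, table_add, pid_is_live, table_prune and demo_prune are assumptions made for illustration.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#define MAX_PIDS 64

/* Hypothetical in-memory stand-in for the pid tree table. */
struct pid_table { pid_t pids[MAX_PIDS]; size_t count; };

int table_add(struct pid_table *t, pid_t pid) {
    if (t->count >= MAX_PIDS) return -1;
    t->pids[t->count++] = pid;
    return 0;
}

/* Live if signal 0 is deliverable, or refused with EPERM (exists, other uid).
 * An exited but unreaped child still counts as live, and a recycled pid is
 * indistinguishable from the original: this only detects absent processes. */
int pid_is_live(pid_t pid) {
    if (pid <= 0) return 0; /* 0 and negatives address process groups */
    if (kill(pid, 0) == 0) return 1;
    return errno == EPERM;
}

/* Drop entries with no live process; returns how many were removed. */
size_t table_prune(struct pid_table *t) {
    size_t kept = 0, removed;
    for (size_t i = 0; i < t->count; i++)
        if (pid_is_live(t->pids[i])) t->pids[kept++] = t->pids[i];
    removed = t->count - kept;
    t->count = kept;
    return removed;
}

/* Constructed scenario: our own pid plus a child that exited and was reaped. */
size_t demo_prune(void) {
    struct pid_table t = { .count = 0 };
    pid_t child = fork();
    if (child == 0) _exit(0);
    if (child < 0) return (size_t)-1;
    waitpid(child, NULL, 0);       /* reaped, so the pid no longer exists */
    table_add(&t, getpid());
    table_add(&t, child);
    table_prune(&t);
    return t.count;                /* entries left after the sanity check */
}

int main(void) { printf("entries after prune: %zu\n", demo_prune()); return 0; }
```

The probe narrows the window in which a dead entry stays in the table but does not close it, since a pid reused before the next sweep passes the check.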
