httpd-dev mailing list archives

From "Lou D. Langholtz" <...@usi.utah.edu>
Subject Re: [PATCH] various security problems
Date Fri, 04 Jul 1997 01:29:23 GMT
Dean Gaudet wrote:
> 
> Summary:  There's a bunch of ways to bypass the symlink restrictions, or
> otherwise serve up any file on the system.
> . . .

Just a reminder on an old post I made...

On this thread, FollowSymlinksIfOwnersMatch can also be circumvented by
users by telling their sys-admin to restore one of their web directories
containing some symlinks which often doesn't preserve the symlink owner.
Now they got root-owned symlinks which is just perfect for pointing at /
and voila, they can export the whole filesystem tree (just about).

If anybody wants additional protection against Symlink dangers I wrote a
simple module a while back and put it at
<http://www.eng.utah.edu/~ldl/apache/modules/disallow_id/>. I've also
recently updated it to compile more cleanly with 1.2.0 as well as 1.1.*
