httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron Bannert <>
Subject Re: Apache config files and alternate config sources
Date Wed, 15 Aug 2001 18:34:41 GMT
On Wed, Aug 15, 2001 at 06:08:56PM +0200, Graham Leggett wrote:
> Aaron Bannert wrote:
> > One of the biggest dangers in this kind of a thing (and it is rather similiar
> > to depending on a remote DTD in XML) is that you are now implicitly trusting
> > DNS for authenticity. A poisoned DNS entry could be catastrophic.
> We face that problem today with the virtualhost directives, etc (any
> directive that can take a DNS name as an argument).

The attack is the same, but the result is different. Named virtual hosts
only really affect how the client contacts the server, and everything
else happens in HTTP (in the Host: header). You can not prevent someone
from altering their own DNS entries maliciously. OTOH, DNS-trusted
runtime-config would allow an attacker to configure your httpd with
whatever LDAP config they wanted, including SuEXEC, piped logs, etc.

This is really just a hypothetical demonstration, I may be going overboard
here. :)


View raw message