httpd-dev mailing list archives

From Rod Roark <...@sunsetsystems.com>
Subject Re: Virtual hosting: comments requested
Date Fri, 26 Oct 2001 03:22:12 GMT
Thanks Cliff... that was the kind of feedback I was looking for.
Guess I'll have to wait for 2.0.

BTW you guys are the greatest!

-- Rod

On Thursday 25 October 2001 06:21 pm, Cliff Woolley wrote:
> On Thu, 25 Oct 2001, Rod Roark wrote:
> > Um, how?  It's clear that all scripts will run as user apache,
> > but the whole point is that if you don't know the other user's
> > documentroot name
>
> Well, I'd kind of missed that you were counting on the 711 directory
> permissions.  But still...
>
> > then you can't formulate a malicious request.
>
> Sure you can.  There's an ap_document_root() function, all you need
> is the server_rec for that vhost.  The list of server_rec's is
> static to the core, but if you tried hard enough, I bet you could
> find a way to get at it.
>
> For example, while I haven't actually tried this, I just poked
> around in http_vhost.c and it looks like you can change r->hostname
> to the host you're interested in, then call
> ap_update_vhost_from_headers(r) and then call
> ap_document_root(r->server) and you've got the docroot.
>
> Even if this is broken for some reason (like I say, I didn't
> actually try it), there's most likely some other way to do it.  This
> is security through obscurity at best, unfortunately.  :-/
>
> --Cliff
>
> --------------------------------------------------------------
>    Cliff Woolley
>    cliffwoolley@yahoo.com
>    Charlottesville, VA
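
[Editor's added example, not part of the thread.] The exchange above turns on what execute-only directory permissions actually buy. The script below, written for this page rather than taken from httpd, shows the two halves of the argument on a scratch directory: with no read bit on the vhost directory, an attacker who does not know the directory name cannot enumerate it (Rod's assumption), but anyone who learns the name can open files under it by exact path (Cliff's objection). The vhost name www.example.test and the scratch location under $TMPDIR are assumptions; mode 0111 is used instead of 0711 so the restriction also applies to the user running the script (with 0711 the owner could still list the directory). Running as root bypasses the check entirely, and the script reports that case rather than pretending the protection held.

```shell
#!/bin/sh
# Added example: what an execute-only DocumentRoot hides, and what it does not.
# Assumes POSIX sh, a writable $TMPDIR or /tmp. The vhost name is hypothetical.

# Create a vhost-like tree and strip read/write from the top directory.
# Prints the scratch base directory so the other helpers can find it.
setup_vhost() {
    base="${TMPDIR:-/tmp}/vhost-demo.$$"
    rm -rf "$base"
    mkdir -p "$base/www.example.test/htdocs"
    printf 'private page\n' > "$base/www.example.test/htdocs/index.html"
    chmod 0111 "$base/www.example.test"   # traversable, not listable
    printf '%s\n' "$base"
}

# Try to enumerate the vhost directory, as an attacker who has not learned
# the docroot name would have to. Returns "blocked" when the kernel refuses
# (the case the 711 scheme counts on) and "listed" when it does not, which
# happens when running as root, since DAC does not apply to uid 0.
list_names() {
    if ls "$1/www.example.test" >/dev/null 2>&1; then
        printf 'listed\n'
    else
        printf 'blocked\n'
    fi
}

# Open the file by its exact path. This succeeds regardless of the listing
# result: execute-only on the parent only stops name discovery, not access.
read_by_name() {
    cat "$1/www.example.test/htdocs/index.html"
}

# Restore permissions so the scratch tree can be removed, then remove it.
cleanup() {
    chmod 0755 "$1/www.example.test" 2>/dev/null
    rm -rf "$1"
}

base=$(setup_vhost)
echo "directory listing without the name: $(list_names "$base")"
echo "read by exact path:                 $(read_by_name "$base")"
cleanup "$base"
```

The second line prints the file content either way; the first prints "blocked" for an unprivileged user and "listed" for root. Either way the content is reachable once the name is known, which is the reason Cliff calls the scheme security through obscurity: any code path inside the server that can resolve another vhost's DocumentRoot removes the only obstacle.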
