Re: [cobalt-users] Raq3 && PHP4.0.4pl1 => BIG SECURITY HOLE
- Subject: Re: [cobalt-users] Raq3 && PHP4.0.4pl1 => BIG SECURITY HOLE
- From: Glen Scott <glen@xxxxxxxxxxxxxxxxxxxx>
- Date: Thu Sep 13 20:18:29 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Hi there,
> Some of our customers started complaining lately about the fact that once
> they uploaded files through PHP and used the "move_uploaded_file" function
> of php the rights of the uploaded file would look like this.
> -rw------- 1 httpd root 66 Sep 13 15:53 /home/sites/home/web/tmp/test.file
> Which is of course a huge security hole !!!
Why is this a security hole? As far as I can see, the file can only
be read and written to by the user 'httpd'. Isn't the group in this
case irrelevant?
Anyway, I can confirm that PHP4.0.6 sets the permissions for uploaded
files in this way, too.
Regards,
Glen Scott
--
---
Design Solution Limited
t: +44 (0)1502 513008
f: +44 (0)1502 588622
e: info@xxxxxxxxxxxxxxxxxxxx
w: http://www.designsolution.co.uk
Nouvotech House, Harbour Road,
Oulton Broad, Suffolk, NR32 3LZ, UK
---
DS Knowledge Base http://faq.dessol.co.uk
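Added example, not part of the original message: a short Python check that reads the `ls -l` line quoted in the thread and works out which accounts the mode bits grant read and write access to, using the standard Unix rule that exactly one permission class (owner, else group, else other) applies. The account names `staff` and `siteadmin` and the group `site1` are hypothetical, chosen only to exercise the group and "other" cases.

```python
import stat

# The listing line quoted in the message above.
LISTING = "-rw------- 1 httpd root 66 Sep 13 15:53 /home/sites/home/web/tmp/test.file"

def parse_listing(line):
    """Split an `ls -l` line into mode string, owner, group and path."""
    fields = line.split(None, 8)
    return {"mode": fields[0], "owner": fields[2], "group": fields[3], "path": fields[8]}

def mode_bits(mode):
    """Convert the nine permission characters of an `ls -l` mode to rwx bits."""
    flags = [stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR,
             stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP,
             stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH]
    bits = 0
    for ch, flag in zip(mode[1:10], flags):
        if ch in "rwxst":  # 'S'/'T' mean a special bit is set without execute
            bits |= flag
    return bits

def access(entry, user, groups):
    """Return (read, write) granted to `user`, a member of `groups`.

    Only one class is consulted: owner, else group, else other.
    root bypasses read/write permission checks on regular files.
    """
    if user == "root":
        return (True, True)
    bits = mode_bits(entry["mode"])
    if user == entry["owner"]:
        r, w = stat.S_IRUSR, stat.S_IWUSR
    elif entry["group"] in groups:
        r, w = stat.S_IRGRP, stat.S_IWGRP
    else:
        r, w = stat.S_IROTH, stat.S_IWOTH
    return (bool(bits & r), bool(bits & w))

if __name__ == "__main__":
    entry = parse_listing(LISTING)
    # Hypothetical accounts: a member of group root, and a site owner account.
    cases = [("httpd", ["httpd"]), ("staff", ["root"]), ("siteadmin", ["site1"])]
    for user, groups in cases:
        print(f"{user:10s} read/write = {access(entry, user, groups)}")
```

With this mode, every process running as `httpd` has full access to the file, while the account that owns the site's other files has none.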