
RE: [cobalt-security] RaQ2/3: Default user access/site permissions



Actually perl scripts and anything handled by CGIWrap can be world NOT
readable. This is because CGIWrap is setuid and runs the script as the owner
of the file. If you wrap PHP with CGIWrap, you can have PHP scripts also not
world readable. This way you can protect passwords and sensitive information
needed for db connections, etc.

I have a question about the RAQ4: How does it handle PHP scripts? Does it
wrap them with CGIWrap? Or does every PHP script on the RAQ4 run with the web
server permissions?

Thanks,

JLA


-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Matthias
Pigulla
Sent: Thursday, August 24, 2000 6:35 PM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-security] RaQ2/3: Default user access/site
permissions


Hi Michelle,

this also affects RaQ3 machines.

> Is there any reason why I can't chmod all of the sites in my
> /home/sites directory not to be readable/executable by other?  I
> don't see any reason why a person who has telnet access to the
> machine should be allowed to traipse through other sites on the
> machine.

I think some of us would like to set the permissions as you described,
at least I do - I consider security (if you want, call it privacy in
this context) important.

The current setup is a p*-i-t-a*, but necessary: The files are set to
belong to their creators; group permission is needed for group access
which is the 'site[x]'-group for hosted sites.
The "others" privilege is used for the web server (httpd) itself.

That means that EVERYbody is able to read a site's files, at least those
files that have to be served/accessed by the webserver.

Among these are (usually, nowadays) PHP or PERL scripts; these almost
always contain passwords for database access (e. g. MySQL, Postgres).
Everybody with "local" access to your machine is able to read these
files. "local" access means: shell (telnet, ssh), but also CGI, PHP and
the like - it does not matter whether you have PHP built as a module or
not or whether you run CGIWrap and the like.

I consider this _VERY_ bad. For exactly this reason I avoid hosting of
sensitive data or data that is subject to privacy policies and the like
on Cobalt machines - all other customers on the same machine can (if
they want to) access it.

Idea: One could revoke the "others" permissions and have the webserver
run as root. Just compile Apache with the -DBIG_SECURITY_HOLE flag set.
>:-)

Any ideas, anyone?

Just my $0.02. Regards,
Matthias
--

 w e b f a c t o r y   G m b H
   Matthias Pigulla <mp@xxxxxxxxxxxxx> - Geschaeftsfuehrer
   Lessingstr. 60 - D-53113 Bonn - Germany - www.webfactory.de
   Fon +49(0)228-9114455 - Fax +49(0)228-9114499 - ICQ 6394233


_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security
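
The permission model discussed in this thread, as an added example that is not part of the original messages: `can_read` applies the owner/group/others check to show that the "others" read bit cannot tell httpd apart from another customer, and `world_readable_scripts` audits a tree for scripts that still carry that bit. The uid/gid numbers, the extension list and the sample tree are constructed assumptions.

```python
import os
import stat
import tempfile

SCRIPT_EXT = (".php", ".pl", ".cgi")  # assumed script extensions

def can_read(mode, f_uid, f_gid, uid, gids):
    """Unix read check: exactly one class applies (owner, else group, else others).
    The root bypass is not modelled."""
    if uid == f_uid:
        return bool(mode & stat.S_IRUSR)
    if f_gid in gids:
        return bool(mode & stat.S_IRGRP)
    return bool(mode & stat.S_IROTH)

def world_readable_scripts(root):
    """Relative paths of regular script files under root with the 'others' read bit set."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks out of the tree
            if (stat.S_ISREG(st.st_mode) and name.endswith(SCRIPT_EXT)
                    and st.st_mode & stat.S_IROTH):
                hits.append(os.path.relpath(path, root))
    return sorted(hits)

def make_sample_tree(root):
    """Constructed sample: one script read by httpd directly, one run via CGIWrap."""
    for rel, mode in (("site1/web/db.php", 0o644), ("site2/web/db.pl", 0o700)):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("# constructed placeholder, no real credentials\n")
        os.chmod(path, mode)

if __name__ == "__main__":
    # Constructed ids: alice owns the script (group site1); bob is another customer.
    ALICE, BOB, HTTPD, SITE1, SITE2 = 1001, 1002, 48, 2001, 2002
    for mode in (0o644, 0o700):
        print(oct(mode),
              "httpd:", can_read(mode, ALICE, SITE1, HTTPD, {HTTPD}),
              "bob:", can_read(mode, ALICE, SITE1, BOB, {SITE2}),
              "owner (CGIWrap):", can_read(mode, ALICE, SITE1, ALICE, {SITE1}))
    with tempfile.TemporaryDirectory() as root:
        make_sample_tree(root)
        print("world-readable scripts:", world_readable_scripts(root))
```

With mode 0644 both httpd and the other customer pass the check through the "others" class; with mode 0700 only the owner does, which is the identity a setuid wrapper such as CGIWrap runs the script under.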