[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] [Raq3i] interesting hack symptoms >> reply to Michael
- Subject: Re: [cobalt-security] [Raq3i] interesting hack symptoms >> reply to Michael
- From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
- Date: Sun, 5 Nov 2000 19:50:08 +0000 (GMT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Sun, 5 Nov 2000, Linking Internet - Peter Batenburg wrote:
> What is there to prove with that php file?
> and whats the bug? php? running at root level? i thought php runs at the
> same level as apache.. and thats nobody..
> or am i wrong here?
Theres nothing to prove...
It's not a bug... Its just a demonstration that not giving people
'telnet' access from the administrator interface means nothing.
php runs at apaches level. Because I removed Cobalt's apache ages ago I'm
not exactly sure what userlelvel it runs at to be honest (although I do
know that apache runs as root for the admin interface).
If it is running as nobody/nobody then I am probably incorrect saying it
has write access. It should have read access however.