[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] [Raq3i] interesting hack symptoms >> reply to Michael

Subject: Re: [cobalt-security] [Raq3i] interesting hack symptoms >> reply to Michael
From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
Date: Sun, 5 Nov 2000 19:50:08 +0000 (GMT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Sun, 5 Nov 2000, Linking Internet - Peter Batenburg wrote:

> What is there to prove with that php file?
> and whats the bug? php? running at root level? i thought php runs at the
> same level as apache.. and thats nobody..
> or am i wrong here?

Theres nothing to prove...

It's not a bug...  Its just a demonstration that not giving people
'telnet' access from the administrator interface means nothing.

php runs at apaches level.  Because I removed Cobalt's apache ages ago I'm
not exactly sure what userlelvel it runs at to be honest (although I do
know that apache runs as root for the admin interface).

If it is running as nobody/nobody then I am probably incorrect saying it
has write access.  It should have read access however.

References:
- Re: [cobalt-security] [Raq3i] interesting hack symptoms >> reply to Michael
  - From: Linking Internet - Peter Batenburg

Prev by Date: Re: [cobalt-security] [Raq3i] interesting hack symptoms >> reply to Michael
Next by Date: Re: [cobalt-security] [Raq3i] interesting hack symptoms >> reply to Michael
Previous by thread: Re: [cobalt-security] [Raq3i] interesting hack symptoms >> reply to Michael
Next by thread: Re: [cobalt-security] [Raq3i] interesting hack symptoms >> reply to Michael

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index