
[cobalt-security] Security issue regarding Sites Backups



Hi,

I'm new to the list, so I have no idea if this has been
handled before:

I've noticed that it is possible for a user to restore a website
which does not belong to him/her just with his user
permissions...

For instance:

Two racks:
Raq4-1
Raq4-2

Let's say that on the web server on Raq4-1 are running 15 websites and
user 15 backed up websites 1 through 7 on Raq4-2.

Accessing his user account 15 on Raq4-1, he can actually use the restore file
coming from Raq4-2 to perform a restore on Raq4-1.... The result would be that
websites 1 through 7 on Raq4-1 would be overwritten.

I think that the problem here is that the backup file stores the complete
path from /home and that the restore is performed by the system with admin
rights...

I wonder if, by modifying the backup file, it would be possible to overwrite
even system files.

Has anyone noticed that?

Thanx,

Dave.
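The restore path the post describes, as an added example that is not from the post or from Cobalt's own code: a privileged restore routine that extracts an archive only after checking each entry against the requesting user's own site tree, instead of honouring whatever path is stored in the backup. An `extractall`-style restore that trusts the embedded paths is exactly the behaviour the post worries about. The tar format, the `/home/sites/siteN` layout, the site names and the sample archive are constructed assumptions for illustration, not Cobalt's actual backup format.

```python
import io
import os
import posixpath
import shutil
import tarfile
import tempfile


def build_sample_backup():
    """Constructed sample backup (assumed tar format, assumed /home/sites layout).

    It mixes the uploading user's own files (site15) with entries that belong
    to another site, a '..' traversal into a third site, and an absolute path
    outside /home entirely. None of this is real Cobalt data.
    """
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in [
            ("home/sites/site15/web/index.html", b"site15 index"),
            ("home/sites/site1/web/index.html", b"belongs to another user"),
            ("home/sites/site15/../site7/web/index.html", b"traversal"),
            ("/etc/passwd", b"root::0:0::/:/bin/sh"),
        ]:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def entry_is_allowed(member, owner_root):
    """Accept an archive entry only if its normalised path lies inside owner_root.

    Rejects absolute paths, '..' traversal and anything that is not a plain
    file or directory (symlinks or devices could redirect a later write).
    The decision is made from the caller's authorisation, never from the
    archive contents alone.
    """
    if not (member.isfile() or member.isdir()):
        return False
    if member.name.startswith("/"):
        return False
    norm = posixpath.normpath(member.name)
    if norm.split("/")[0] == "..":
        return False
    root = posixpath.normpath(owner_root.lstrip("/"))
    return norm == root or norm.startswith(root + "/")


def restore_for_user(archive_bytes, owner_root, dest_dir):
    """Restore only the entries under owner_root into dest_dir.

    Returns (restored, rejected): lists of archive member names. A rejected
    entry is skipped rather than aborting the whole restore, so the caller
    can report exactly which paths were refused.
    """
    restored, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
        for member in tar.getmembers():
            if not entry_is_allowed(member, owner_root):
                rejected.append(member.name)
                continue
            target = os.path.join(dest_dir, posixpath.normpath(member.name))
            if member.isdir():
                os.makedirs(target, exist_ok=True)
            else:
                os.makedirs(os.path.dirname(target), exist_ok=True)
                with tar.extractfile(member) as src, open(target, "wb") as dst:
                    dst.write(src.read())
            restored.append(member.name)
    return restored, rejected


def run_demo():
    """Restore the constructed backup as the owner of site15 (assumed name)."""
    dest = tempfile.mkdtemp(prefix="restore-demo-")
    try:
        restored, rejected = restore_for_user(
            build_sample_backup(), "/home/sites/site15", dest)
        written = os.path.join(dest, "home/sites/site15/web/index.html")
        with open(written, "rb") as f:
            content = f.read()
    finally:
        shutil.rmtree(dest)
    return restored, rejected, content


if __name__ == "__main__":
    restored, rejected, content = run_demo()
    print("restored:", restored)
    print("rejected:", rejected)
    print("content :", content)
```

The point of the split between `entry_is_allowed` and the extraction loop is that the component running with admin rights derives the permitted prefix from who is asking, then treats every path inside the upload as untrusted input to be checked against that prefix; the archive is never allowed to name its own destination.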