[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Subject: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
From: Nico Meijer <nico.meijer@xxxxxxxxx>
Date: Fri, 08 Feb 2002 11:10:34 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Barbara,

Luckily I don't allow shell access so those files
can't be viewed.


Good for you, but maybe not enough.

If you run PHP in it's default mode, any file readable by the apache useris readable by a PHP script. Then, it *is* a (severe) security issue!

On a few of my systems, I checked /etc/shadow* just to be sure and allpermissions are 400, owned by root.


This definitely needs fixing. 644 on /etc/shadow* is a Bad Thing (TM)!

Good luck all... Nico

Follow-Ups:
- Correction to own post Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
  - From: Nico Meijer
- [cobalt-security] Apache running as root . . . .
  - From: Fragga

References:
- [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
  - From: Barbara

Prev by Date: [cobalt-security] Re: Problem with the web server on libphp4.so after update RaQ4-en-OSUpdateRelease 2.0
Next by Date: Correction to own post Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Previous by thread: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Next by thread: Correction to own post Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index