Reply to Re: Terrible security on a large server

Posted by Erwin Moller on 12/06/05 11:59

bio-anomoly wrote:

> I was just giving my PHP a bit of a spin, and I noticed that opendir
> opens EVERYTHING, and unix commands can be executed with the ' grave,
> like this 'ls -lR /'.
>
> Can someone quantify how slack this is? Is it normal practice amongst
> large servers?
>
> When the security is this crap, what else can happen?

Hi,

Well, that is a common problem.
On many servers the user that runs as apache (www-data) must be able to read
your php-files.

So often a group is created where you, and www-data, and all others on the
same machine are in.
In that way they get access to your files.

A better setup would be that your provider will add www-data to a group with
you alone.
You could ask them to do so.
If they comply you remove all 'everybody' rights from all your files.

Or just pretend to be stupid, call your provider and ask them why you can
access other people's files.
Let THEM come up with a solution, because they created this problem in the
first place. What surely will help is telling them that if they do not
solve the problem, you will leave them and will tell all other users too
about this problem.

Regards,
Erwin Moller
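
The permission change described in the reply above, as an added example that is not part of the original post: a POSIX shell sketch that finds files still granting rights to "everybody" (other), removes those rights, and checks group ownership. The function names are hypothetical, and it assumes the provider has already created a group containing only you and the web server user.

```shell
#!/bin/sh
# Added example: audit and remove "other" (everybody) permissions on a web root.
# Assumption: the provider has put the web server user (www-data in the post)
# into a group shared only with you, and your files carry that group.

# Print every path under $1 that grants any permission to "other".
list_other_access() {
    find "$1" \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Count such paths (one line per path; names containing newlines
# would be miscounted, so treat the number as a quick check).
count_other_access() {
    list_other_access "$1" | wc -l | tr -d ' '
}

# Remove all "other" rights. The group keeps read access, plus
# traversal on directories (X), so the web server can still read the
# PHP files through the private group; group write is dropped.
lock_down() {
    chmod -R o-rwx,g+rX,g-w "$1"
}

# Print paths under $1 whose group is not the expected private group $2.
# Anything listed here is not covered by the group-based access above.
list_wrong_group() {
    find "$1" ! -group "$2" -print
}

# Typical use (paths and group name are placeholders):
#   list_other_access /path/to/webroot
#   lock_down /path/to/webroot
#   list_wrong_group /path/to/webroot your-private-group
```

If the web server stops serving pages after `lock_down`, the files are most likely still owned by the shared group, which `list_wrong_group` will show.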
