From: Pawel R. <pa...@rs...> - 2003-05-12 12:24:12
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Some background first: i'm running hosting services to customers basing on Apache and PHP. I've notice problem with securing php scripts from reading by others customers. directory layout is something like this: (in brackes are owners) /home/dynwww (root) /home/dynwww/s (root) /home/dynwww/s/si (root) /home/dynwww/s/si/site.domain.pl (siteuser). Apache is running as user www. My first attemtp was to get owner of cdir and compare it to owner of opening file: #v+ if ((syscall == SYS_open && (ruid == GET_UID("www"))) ) { #v- it was ok since i've changed dir to /etc for example. cdir owner become root, and i was able to read root files ( as long as permissions allowed that). after all i've catch SYS_chdir and wrote policy for it so www can change directory to only some locations (like /tmp). It looks like everything was ok, but wasn't. Apache was serving many files as one process so i've to changed #v+ MaxRequestPerChild 1. #v- It's passed firsts tests but i've some problems with session handling, and user-writed files. Does anyone tried to deal with this kind of problem ? All comments, sugestions, cules are welcome. I'll try to rewrite whole rules after Your sugestions. It didn't attach my rules because code with in is brainfucking, and i think my approach is still wrong. - -- Pawel Rutkowski Centauri RSC +48 22 853 0 444 http://www.rsc.pl -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+v5JgaDcb2WrrB7QRAuKEAJ91V0KKvGiRlEtL2N8mLOlOS1nPAACfXY/d c32gQqKW95+8ZjBE+mwDNlY= =ezQ4 -----END PGP SIGNATURE----- |