From: Sergei G. <sgo...@gm...> - 2006-07-05 18:20:58
|
Hi! I would like to submit two little patches to Yaws (BTW, it's an excellent piese of software!) 1) Yaws 1.63 doesn't work with PHP version 4.3.2 or later (see http://bugs.php.net/bug.php?id=28227). These versions of PHP look at SCRIPT_FILENAME environment variable to find the filename. The patch simply defines this variable. 2) It seems to me that module yaws_ctl is insecure. Now it's prefectly possible for local user to find yaws_ctl socket (usually there are only a few sockets which listen on localhost) and send the command to yaws_ctl, for example stopping the server (DoS attack). The patched Yaws uses simple cookie-based authentication. Cookie is stored in the same file as the port to connect. So, to be able to control Yaws the attacker must read the Yaws control file. Both patches are attached (in a single file). Best wishes! -- Sergei Golovan |