RE: [Nms-cgi-devel] World r/w able files and directories

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

> - disabling r/w access to others but making sure the files are r/w to
>   group and set the group to www-data (or whatever the httpd is running
>   as)
Remember that the webserver is the ONLY user accessing these files
(regardless of whether it's through someone's browser or not). So changing
the group permissions doesn't do anything unless someone is logged-in
locally.

> - putting all possible world r/w files below the document root (or
>   above, depending how you see this)
This would only work for the .txt files. The HTML must be under the docroot.

There really is no totally secure way of securing r/w files on a webserver,
as the webserver UID is the one that needs to write to them, and this is the
most likely UID target for exploits (but it has become more rare). The one
way that I have seen it done (and I don't recommend it for writeable files),
have the first few lines of the file like so:
#!/usr/bin/perl
exit;
# text data below
And then name the file (something).pl and make it r/x. The script now
ignores these lines when reading the file, and just reads the data below.
The result is that when someone is trying to read the file in a browser, the
script is executed rather than displayed. The problems are that the file
needs to be in an ExecCGI directory, and it can't be writable, as that could
open the door to malicious code being inserted.

I think that the existing system of file storage should be fine. You could
suggest that the password file be moved somewhere more secure, but I think
even that might be overkill. As long as the server is secure, and the user
uses decent passwords (no dictionary words, at least 7 chars, and mixed
case), it should be fine.
Grant M.