Re: Apache 2.x leaked descriptors
From: Christian Kratzer (ck@cksoft.de)
Date: 02/24/03
- Previous message: Seth Knox: "Re: Bypassing Personal Firewalls"
- In reply to: David M. Wilson: "Re: Apache 2.x leaked descriptors"
- Next in thread: Brian Hatch: "Re: Apache 2.x leaked descriptors"
- Reply: Brian Hatch: "Re: Apache 2.x leaked descriptors"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 24 Feb 2003 22:58:50 +0100 (CET) From: Christian Kratzer <ck@cksoft.de> To: "David M. Wilson" <dw-securityfocus.com@botanicus.net>
Hi,
On Mon, 24 Feb 2003, David M. Wilson wrote:
> On Sat, Feb 22, 2003 at 02:46:59PM -0800, jon schatz wrote:
[snipp]
> Ideal permissions on CGI directories do not differ to the permissions on
> other content directories. I think you may be confused as to what
> execute permission actually means:
the point about leaked file descriptors is not about execute permissions.
Apache 2.0 currently execs cgi scripts / server side includes etc... with
file descriptors open to all access and error logs on the server and also
to a couple of internal pipes.
This means any cgi script can muck around with all access and error logs,
read them, truncate them, overwrite them or append funny stuff.
There is a bug in apache 2.0 that prevents closing of these internal resources
before running the cgi's.
Thats all. And thats enough ...
Greetings
Christian
-- CK Software GmbH Christian Kratzer, Schwarzwaldstr. 31, 71131 Jettingen Email: ck@cksoft.de Phone: +49 7452 889-135 Open Software Solutions, Network Security Fax: +49 7452 889-136 FreeBSD spoken here!
- Next message: Michael Wojcik: "RE: Apache 2.x leaked descriptors"
- Previous message: Seth Knox: "Re: Bypassing Personal Firewalls"
- In reply to: David M. Wilson: "Re: Apache 2.x leaked descriptors"
- Next in thread: Brian Hatch: "Re: Apache 2.x leaked descriptors"
- Reply: Brian Hatch: "Re: Apache 2.x leaked descriptors"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
