lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue Apr 12 00:44:58 2005
From: greed at pobox.com (Graham Reed)
Subject: Phun With Apache

On Apr 1, 2005, at 4:19 AM, duper@...lhackforfood.biz wrote:
> ## Apache follows symbolic links referenced by public_html!
> ## Even when SymLinksifOwnerMatch is set and FollowSymLinks is not!
> ## A super-easy way to gain read access on files owned by the apache 
> user!

It's not (only) a mod_userdir problem.

I found the problem is fully reproducible on the intranet server I 
run--but it does not use mod_userdir.  It gets its work done with 
AliasMatch directives.

I currently believe the culprit is the <Directory> and <DirectoryMatch> 
directives are allowing symbolic links, without following the 
ifOwnerMatch part of the directive.

-- 
"Dead people don't send spam."

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ