Security problem - php running as nobody

Discussion in 'Security' started by Markwaugh, Jan 21, 2004.

  1. Markwaugh

    Hello Guys,

    Currently I or any user on the system could read any of my files through a php file. This allows all passwords to be viewed. I have tested this and I can read config files of one of my clients on the server - user steeve

    I can't seem to find a combination of permissions that will allow the config to be executed by steeve, but not read by another user on the system.

    suExec is currently enabled and I have also prevented the user 'nobody' from sending out mail to remote addresses, but the below code


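    <?php
    // Try to open a file by absolute path; the script runs as the web server user.
    $file = fopen("/home/mark/public_html/common/connection.php", "r");
    $message = '';
    if (!$file) {
        echo 'not able to read';
    } else {
        // Read the file in 4 KB chunks and echo its full contents.
        while (!feof($file)) {
            $message .= fgets($file, 4096);
        }
        echo $message;
        fclose($file); // close only when the open succeeded
    }
    ?>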

    As far as I can test, (some) user can read files using PHP fopen that belong to other users, e.g. steeve.

    This is going to be a problem with one of my other users that will have sensitive data on the server. Any ideas would be highly appreciated.
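
An added example, not part of the original thread: a shell check that lists which files under an account's web root are readable by any unrelated local user, which is the exposure described in the post above. The function names are hypothetical, and the check assumes only the "other" permission bits matter (group membership and ACLs are ignored) and that the ancestors of the given root are traversable.

```shell
#!/bin/sh
# Added example: find files that any unrelated local account (such as the
# 'nobody' user PHP runs as in this thread) can read.
# Assumptions: only the "other" mode bits are evaluated; group membership
# and ACLs are ignored; the ancestors of the root argument are traversable.
# Function names are hypothetical.

# Print every regular file under $1 that is other-readable AND reachable,
# i.e. every directory from $1 down to the file has the other-execute bit.
list_other_readable() {
    # A directory without o+x cannot be traversed by "other": prune it, so
    # nothing beneath it is reported even when the file itself is 0644.
    find "$1" -type d ! -perm -001 -prune -o -type f -perm -004 -print | sort
}

# Return 0 if file $2 (a path below root $1) is exposed, 1 otherwise.
is_exposed() {
    list_other_readable "$1" | grep -Fxq -- "$2"
}

# Stand-alone use: sh audit_readable.sh /home/steeve/public_html
if [ "$#" -ge 1 ]; then
    list_other_readable "$1"
fi
```

A file at mode 0600 only drops off this list usefully when PHP runs as the file's owner; while PHP runs as nobody, the owner's own scripts could no longer read it either.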
     
  2. chirpy

    Yes, that's the normal behaviour of PHP under Apache - nicely insecure.

    Apache SuExec has nothing to do with PHP, that only provides a "secure" environment for CGI scripts.

    There are 2 main options:

    1. Recompile Apache and include PHP SuExec. You can do this from within WHM under Software > Update Apache > read from there on

    Or

    2. Under Server Setup > Tweak Security, enable php open_basedir Tweak
     
  3. Elikster

    suPHP

    Or you can use the suPHP module instead of recompiling apache and patching php and apache with that phpsuexec. You can get it at www.suphp.org.
     
  4. Radio_Head


    Good morning :) Sorry, however it's a problem that has been discussed for years.
    The same problem exists with Perl, Python and other languages, however.
    Your server is open, since your users are not chrooted.
     