Separate names with a comma.
Discussion in 'Security' started by DjiXas, Sep 11, 2010.
When will this be fixed?????????????
We reported this over a year ago to cPanel. I know a lot of scripts use followsymlinks, so what we ended up doing at www.HostGator.com is writing a patch for Apache that forced followsymlinks to function the same as the follow symlinks owner match Option.
Sites can be exploited very easily with follow symlinks being enabled or unpatched.
As the Apache developers themselves note (core - Apache HTTP Server) symlink testing is prone to race conditions that allow the check to be circumvented. Specifically the behavior of SymLinksIfOwnerMatch should not be considered a security safeguard or measure.
A surer safe guard is to put measures in place that reduce the amount of code that runs as the Apache user ('nobody' on a cPanel system). Things such as suPHP, suexec and so forth can help with this.
In conjunction with reducing the use of the Apache user, having restrictive ownership and permissions on files and directories will reduce the target vector. Specifically, removing the need for Everyone to have access to files and directories in the user's home directory.