security problem

graziano

With this code ,

function getMORE()
{
    ob_start();
        passthru("/bin/more /etc/passwd");
        echo"<br>";
        $lookupb = ob_get_contents();
    ob_end_clean();
    return $lookupb;
}

$topb = getMORE();
echo  ">> $topb";

any user on my server can read my /etc/passwd dir .

What can I do to avoid this ???

(I was using
php_admin_value open_basedir "/home/user:/tmp"
but it not enough !! )

id10t

Use shadow passwords? If you do that, they will only get username, home directory, etc. info - the passwords are kept in a separate file with very restrictive permissions.

Another option that may work even better would be to run your webserver in a chroot environment.

graziano

I know about shadow , and I have it .

However if the hacker get the users on the server , then he could look around , and on the same way he catched the /etc/passwd file , he can catch data and flat text passwords around /home/user/public_html .

php safe mode seems to be only solution , however it's too much restrictive . I hope that php.net will produce something better for servers which are providing php on shared enviroments 🙁 .

largo

I understand your frustration, there are many issues with safe mode and dir restriction. Unfortunately, for ISPs providing php as an apache mod in shared environments, there is no sound alternative.

One method of course is running it as a cgi and patching apache with suexec. I know, it's a bit of a drain, but you'll have one less thing to worry about.

-m.

graziano

Originally posted by largo
I understand your frustration, there are many issues with safe mode and dir restriction. Unfortunately, for ISPs providing php as an apache mod in shared environments, there is no sound alternative.

One method of course is running it as a cgi and patching apache with suexec. I know, it's a bit of a drain, but you'll have one less thing to worry about.

-m.

I know also cgi mode however clients want to use .php 🙂 .
I hope that in the next versions there will be more control
regarding this problem .