> > > Previously Brian White wrote: > > > > apache 32204 user directories allow symlinks to other files > > > > [0] (Johnie Ingram <[EMAIL PROTECTED]>) > > > > > > We should just force SymLinksIfOwnerMatch for /home to solve this. > > > > You know, I don't see this as "grave". It means that a user can > > effectively "export to the world" any file readable by www-data. In > > general, this means only things that can be read by public. So, > > the user can't intentionally export anything that he/she couldn't already > > do by other means. > > > > The problem comes with unintentional exports... Well, it's a bug. I > > don't see it as being a security hole. Thoughts? > > Did you ever think that exporting vital databases that are under cgi > control would be a serious security bug? And what about apache using > the mod_roaming module, which saves netscape preferences, _security_ > certificates, bookmarks, and preferences. > > This doesn't even count directories protected by .htpasswd auth whose > files can easily be compromised, and even the .htpasswd file itself can > be exported by linking it as a .html file, exposing all the excrypted > password information, which may be the same passwords as the system. > > This is a serious security hole, we need to close before release.
I understand. My point, however, was that anyone who exports those things on purpose could just as easily copy the file, ftp it, email it, or whatever. Plugging a whole in the side of a boat doesn't help when the boat has no bottom. Brian ( [EMAIL PROTECTED] ) ------------------------------------------------------------------------------- Premature optimization is the root of all evil. -- Donald Knuth