Oops, forgot to reply to list.
To: Eric Cholet <[EMAIL PROTECTED]> Subject: Re: evil scripts kill the server... From: Ilya Martynov <[EMAIL PROTECTED]> >>>>> On Thu, 17 Oct 2002 14:09:17 +0200, Eric Cholet <[EMAIL PROTECTED]> said: EC> Yes, please explain how careless programming practice can make root EC> access available to the world. Apache by default runs under the EC> unpriviliged user 'nobody', seems to me that giving root access to EC> the world would require running Apache as root, not something which EC> can be achieved only by careless programming. Am I missing something? Often Apache is started as root initially (to let it bind low number ports like 80) and later switches to other UID to serve client requests. One implication of this scheme is that when Perl modules are preloaded during Apache startup Apache runs as root. So some programming errors in code which is preloaded combined with such setup actually may lead to root exploit. Though it should be hard to exploit as normally client requests don't affect startup stage and thus cannot interact potentially insecure code. -- Ilya Martynov, [EMAIL PROTECTED] CTO IPonWEB (UK) Ltd Quality Perl Programming and Unix Support UK managed @ offshore prices - http://www.iponweb.net Personal website - http://martynov.org