Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-11 Thread Stefan Kanthak
"Reindl Harald" wrote: > On 11.08.2013 22:15, Stefan Kanthak wrote: >> "Reindl Harald" wrote: >>> On 10.08.2013 16:52, Tobias Kreidl wrote: It is for this specific reason that utilities like suPHP can be used as a powerful tool to at least keep the account user from shooting

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-11 Thread Stefan Kanthak
"Reindl Harald" wrote: > On 10.08.2013 16:52, Tobias Kreidl wrote: >> It is for this specific reason that utilities like suPHP can be used as a >> powerful tool to at least keep the >> account user from shooting anyone but him/herself in the foot because of any >> configuration or broken secu

[PSA-2013-0811-1] Oracle Java storeImageArray() Invalid Array Indexing

2013-08-11 Thread bugtraq
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +--+ | Packet Storm Advisory 2013-0811-1 | | http://packetstormsecurity.com/ | +

[SECURITY] [DSA 2736-1] putty security update

2013-08-11 Thread Salvatore Bonaccorso
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - Debian Security Advisory DSA-2736-1 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 11, 2013

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-11 Thread Tobias Kreidl
Agreed. Many sites limit users to at most SymLinksIfOwnerMatch for that very reason, not to mention limits on CGI privileges. AllowSymlinks, IMO, ought to be reserved for the sysadmin on the server and used sparingly. You can, of course, even require .htaccess configurations to be set in the s

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-11 Thread Reindl Harald
On 11.08.2013 14:50, Ansgar Wiechers wrote: > On 2013-08-11 Reindl Harald wrote: >> On 10.08.2013 16:52, Tobias Kreidl wrote: >>> It is for this specific reason that utilities like suPHP can be used >>> as a powerful tool to at least keep the account user from shooting >>> anyone but him/hers

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-11 Thread Michal Zalewski
> for doing these features in httpd.conf you can use AllowOverride None instead > of AllowOverride all AllowSymlinks is a red herring here (hardlinks should do, unless you have stuff partitioned in a very thoughtful way, which most don't), similarly to suexec. In general, sharing web hosting provi

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-11 Thread Ansgar Wiechers
On 2013-08-11 Reindl Harald wrote: > On 10.08.2013 16:52, Tobias Kreidl wrote: >> It is for this specific reason that utilities like suPHP can be used >> as a powerful tool to at least keep the account user from shooting >> anyone but him/herself in the foot because of any configuration or >> bro

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-11 Thread Reindl Harald
On 10.08.2013 16:52, Tobias Kreidl wrote: > It is for this specific reason that utilities like suPHP can be used as a > powerful tool to at least keep the > account user from shooting anyone but him/herself in the foot because of any > configuration or broken security > issues. Allowing suexe

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-11 Thread terry white
... ciao: : on "8-10-2013" "Gichuki John Chuksjonia" writ: : most of the Admins who handle webservers : in a network are also developers name , just a "few" : most of the organizations will always need to cut on expenses, history suggests, security breaches, are NOT a profit cente

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-11 Thread Tobias Kreidl
It is for this specific reason that utilities like suPHP can be used as a powerful tool to at least keep the account user from shooting anyone but him/herself in the foot because of any configuration or broken security issues. Allowing suexec to anyone but a seasoned, responsible admin is IMO a