Re: Apache 1.3.33 (from sarge) and mod_chroot
I've had good luck with nullmailer for just this situation. It's simple and lightweight, works well in chroot. Steve === = Home Page: http://www.braingia.org/= === On Thu, Mar 24, 2005 at 07:31:03AM +0100, Krzysztof J??wiak wrote: > Hello! > > My web server was hacked a few days ago and I decided to install some > new program and modules which improve security. > I find in sarge libapache-mod-chroot which chroot apache (and it work > fine) but I can't send mail from php. > I installed ssmtp in chroot (I think so) in chroot environment but it > doesn't help :( > > Does anyone use this module? Perhaps I do something wrong with it ssmtp... > > -- > Krzysztof Jozwiak > Debian administrator > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Apache 1.3.33 (from sarge) and mod_chroot
Hello! My web server was hacked a few days ago and I decided to install some new program and modules which improve security. I find in sarge libapache-mod-chroot which chroot apache (and it work fine) but I can't send mail from php. I installed ssmtp in chroot (I think so) in chroot environment but it doesn't help :( Does anyone use this module? Perhaps I do something wrong with it ssmtp... I found a mini_sendmail. It is small program compiled without shared library... When I configure php in VirutalHost in this way: php_admin_value sendmail_path "/usr/sbin/mini_sendmail -t [EMAIL PROTECTED]" My PHP send emails but mail() function don't return any value (true on false) and php scripts report an error. I reconfigured my PHPBB2 forums to use extended mail system (127.0.0.1) and it's work exelent... My question is: Is any security problem with mini_sendmail and why I can't find it in distribution? -- Krzysztof Jozwiak Debian administrator -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Apache 1.3.33 (from sarge) and mod_chroot
Ian Eure napisał(a): On Wednesday 23 March 2005 10:31 pm, Krzysztof Jóźwiak wrote: Hello! My web server was hacked a few days ago and I decided to install some new program and modules which improve security. I find in sarge libapache-mod-chroot which chroot apache (and it work fine) but I can't send mail from php. I installed ssmtp in chroot (I think so) in chroot environment but it doesn't help :( Does anyone use this module? Perhaps I do something wrong with it ssmtp... It has been my experience that PHP doesn't work with ssmtp, at least not with the default ssmtp/PHP configurations in Debian. It's probably better to install exim with a minimal config anyways, so you don't lose messages if the smarthost/target system is unavailable. Yes, I tested ssmtp and even when I don't use chroot ssmtp doesn't work... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Apache 1.3.33 (from sarge) and mod_chroot
out of the box the sendmail application does not have the sgid bit set. The problem is that the /var/spool/mqueue-client folder that it tries to write to is not world writable. The solution to this is to set the sgid bit on the sendmail executable (in the choot env). -Dan Krzysztof Jóźwiak wrote: Hello! My web server was hacked a few days ago and I decided to install some new program and modules which improve security. I find in sarge libapache-mod-chroot which chroot apache (and it work fine) but I can't send mail from php. I installed ssmtp in chroot (I think so) in chroot environment but it doesn't help :( Does anyone use this module? Perhaps I do something wrong with it ssmtp... -- Krzysztof Jozwiak Debian administrator -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Apache 1.3.33 (from sarge) and mod_chroot
On Thu, Mar 24, 2005 at 07:31:03AM +0100, Krzysztof J??wiak wrote: > My web server was hacked a few days ago and I decided to install some > new program and modules which improve security. Good plan. Did you find the source of the attack? If not you're at risk from a repeat of the previous one .. > I find in sarge libapache-mod-chroot which chroot apache (and it work > fine) but I can't send mail from php. > I installed ssmtp in chroot (I think so) in chroot environment but it > doesn't help :( I can't help you there, but I would suggest you look at mod-security, you can find it in Sarge. The homepage has lots of documentation, and it includes chroot functionality: http://www.modsecurity.org/ There's a brief introduction here: http://www.debian-administration.org/?article=65 Steve -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Apache 1.3.33 (from sarge) and mod_chroot
On Wednesday 23 March 2005 10:31 pm, Krzysztof Jóźwiak wrote: > Hello! > > My web server was hacked a few days ago and I decided to install some > new program and modules which improve security. > I find in sarge libapache-mod-chroot which chroot apache (and it work > fine) but I can't send mail from php. > I installed ssmtp in chroot (I think so) in chroot environment but it > doesn't help :( > > Does anyone use this module? Perhaps I do something wrong with it ssmtp... > It has been my experience that PHP doesn't work with ssmtp, at least not with the default ssmtp/PHP configurations in Debian. It's probably better to install exim with a minimal config anyways, so you don't lose messages if the smarthost/target system is unavailable.