Fwd: packages: php/php-mod_php.conf - match only *.php for added security by avo...

Patryk Zawadzki patrys at pld-linux.org
Mon May 4 15:43:54 CEST 2009


On Mon, May 4, 2009 at 3:07 PM, Tomasz Pala <gotar at polanet.pl> wrote:
> [*] security means filter as much as possible; in this case it's "don't
> expose as much as possible" - so the change would be acceptable among
> with filtering access to every *.php*.* (maybe with *~ and *.rpm{save,new}).

Actually here it seems to be more secure the other way around - not
allowing parsing of uploaded foo.php.jpg files for example (at least
some webapps only care about file extensions).

To exploit .rpmsave, you need to a) know it's PLD, b) know the config
copy is in the DocumentRoot (packaging bug). YMMV but most likely you
won't get a chance to execute any code.

To exploit .php.foo you can ask google for a list of sites using the
same software (for example querying for "powered by foo") and do a
mass scripted exploit. This allows people to run untrusted code on
your webserver.

-- 
Patryk Zawadzki
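The matching difference discussed in this thread, as an added illustration that is not PLD's php-mod_php.conf and not code from either poster; the file names upload.php.jpg and index.php.rpmsave are made up, and Apache 2.4 authorization syntax is assumed:

```apache
# Added example, not the PLD package config. Hypothetical file names:
# upload.php.jpg (user upload), index.php.rpmsave (packaging leftover).

# Weak form, shown for contrast only (do not keep both blocks): the regex
# has no end anchor, so ".php" anywhere in the name matches, and both
# upload.php.jpg and index.php.rpmsave are handed to the PHP engine.
<FilesMatch "\.php">
    SetHandler application/x-httpd-php
</FilesMatch>

# Corrected form: only names that END in .php are executed as PHP.
# upload.php.jpg is treated as a plain file and never interpreted.
<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>

# Optional, following the quoted suggestion: refuse to serve leftovers
# such as *.php.rpmsave, *.php.rpmnew and *.php~ at all, so their PHP
# source is not sent to the client either.
<FilesMatch "\.php(\..*|~)$">
    Require all denied
</FilesMatch>
```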

