mailing list archives
Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
From: Coderaptor <coderaptor () gmail com>
Date: Mon, 12 Aug 2013 10:28:29 -0700
I have been a silent spectator to this drama, and could not resist adding a few thoughts of my own:
1. All software, especially webservers, should ship with secure defaults. Period. It is a fundamental mistake to assume
all admins who roll out web apps and maintain servers RTFM before rolling out. The key idea here is "time to market",
and there is huge amount of data to prove this.
2. Apache clearly does not ship with secure defaults in favor of convenience? disable_functions is a example - do you
expect an admin to be a unix expert or know what each parameter in there means? Also indicates this was added in
reactively, and not accounted for in the core design. Why not enable_functions instead, with everything disabled to
begin with? (Oh, that wouldn't help you achieve world dominance and fast!)
3. Secure by design, implementation, and deployment isn't utopia, it's very much an achievable target. But then it
wouldn't feed bugtraq anymore or the billion dollar industry called as "security industry" would it?
Huge amount of software today is turd polishing, open source no exception (though it is supposed to have better track
record). The blame lies squarely on everyone.
sent via 100% recycled electrons from my mobile command center.
On Aug 11, 2013, at 3:30 PM, Reindl Harald <h.reindl () thelounge net> wrote:
Am 11.08.2013 23:56, schrieb Stefan Kanthak:
"Reindl Harald" <h.reindl () thelounge net> wrote:
symlinks are to not poision always and everywhere
they become where untrusted customer code is running
blame the admin which doe snot know his job and not
the language offering a lot of functions where some
can be misused
Again: symlinks are well-known as attack vector for years!
and that's why any admin which is not clueless
disables the symlink function - but there exists
code which *is* secure, runs in a crontrolled
environment and make use of it for good reasons
It's not the user/administrator who develops or ships insecure code!
but it's the administrator which has the wrong job if
create symlinks is possible from any random script
running on his servers
anyways, i am done with this thread
the topic is *not* "Apache suEXEC privilege elevation" it
is "admins not secure their servers" - period