[users@httpd] RE:[users@httpd] how to prevent an executing from /tmp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

>Hi!

>Someone often uploads files to /tmp and then executing in on the server with 
>webserver user priveleges. How to prevent it?

>Thanks,
>G.

One possibility is this:

<Location /tmp >
  <Limit GET HEAD POST>
    Order Deny,Allow
#    Deny from All
    Allow from All
  </Limit>
  <LimitExcept GET HEAD POST>
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1
  </LimitExcept>
</Location>
 
The only one which can make than e.g. PUT /tmp/badcode.htm is than one from localost.

Greets

Oliver


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

<<winmail.dat>>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux