On 8/24/10, Keith Roberts <keith@xxxxxxxxxxxx> wrote: > So bolting down PHP really tight should address these hacks? As others have mentioned, this is trying to take advantage of a poorly written PHP script that doesn't sanitize/check the input before using. However, you could possibly lock down PHP further to reduce the possibility of such apps working by using the disabled_function setting to disable the riskier functions which allow shell/command/file operations. Of course depending on how aggressive you are, it could lead to scripts breaking. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Strange Apache log entry
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: Strange Apache log entry
- From: Emmanuel Noobadmin <centos.admin@xxxxxxxxx>
- Date: Sat, 28 Aug 2010 12:08:49 +0800
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <alpine.LFD.2.00.1008232107350.10144@karsites>
- Follow-Ups:
- Re: Strange Apache log entry
- From: Bob McConnell
- Re: Strange Apache log entry
- From: Stephen Harris
- Re: Strange Apache log entry
- From: Gordon Messmer
- Re: Strange Apache log entry
- From: Emmanuel Noobadmin
- Re: Strange Apache log entry
- References:
- Strange Apache log entry
- From: Gilbert Sebenste
- Re: Strange Apache log entry
- From: Keith Roberts
- Re: Strange Apache log entry
- From: Gilbert Sebenste
- Re: Strange Apache log entry
- From: Gordon Messmer
- Re: Strange Apache log entry
- From: Keith Roberts
- Strange Apache log entry
- Prev by Date: Re: Freezing gnome terminals...
- Next by Date: Re: Strange Apache log entry
- Previous by thread: Re: Strange Apache log entry
- Next by thread: Re: Strange Apache log entry
- Index(es):
 |