Am 06.12.2013 15:59, schrieb Ralf Corsepius: > On 12/06/2013 02:57 PM, Reindl Harald wrote: >> if arbitary users are allowed to call CLI applications from a webserver > ?!? Calling cli-tools underneath of webservices is the norm on many webservers. Often these calls are wrapped into > scripting languages, be they perl, python or php. what "?!?" if you allow call any CLI command on a webserver you have a serious problem - period in case of PHP open_basedir is your friend and without "disable_functions" it is completly worthless, so don't mix wrong configured webservers with the topic disable_functions = "apache_child_terminate, chown, dl, exec, fileinode, get_current_user, getmypid, getmyuid, getrusage, highlight_file, link, mail, openlog, passthru, pclose, pcntl_alarm, pcntl_errno, pcntl_exec, pcntl_fork, pcntl_get_last_error, pcntl_getpriority, pcntl_setpriority, pcntl_signal_dispatch, pcntl_signal, pcntl_sigprocmask, pcntl_sigtimedwait, pcntl_sigwaitinfo, pcntl_strerror, pcntl_wait, pcntl_waitpid, pcntl_wexitstatus, pcntl_wifexited, pcntl_wifsignaled, pcntl_wifstopped, pcntl_wstopsig, pcntl_wtermsig, pfsockopen, popen, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, show_source, socket_accept, socket_bind, symlink, syslog, system" >> you have a security problem and that is for sure *not* TmpOnTmpfs > TmpOnTmpfs opens opportunities for DOS attacks which do not exist with TmpOnFS if i have to chose between a *self* DOS because wrong webserver-capabilities and code execution what -Werror=format-security should prevent from i take the DOS and on a sane configured webserver you have a dedicated /tmp partition what means TmpOnTmpfs doesn not matter at all
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
