[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MHonArc and unfriendly users
On April 4, 2001 at 16:37, Francois Petillon wrote:
> I am working for an ISP and we are planning to offer web
> archives for our users mailing-lists. I began to setup
> mhonarc to do this but I have a security problem. As I
> would like to permit people to have their owns ressources
> files, a few ressource element (ie all filenames) might
> be used to access/erase other sites files (such as
> .htaccess or .htpassword). I tried to search in archives
> or web sites to find an similar problem but without any
> success.
...
> To the latest case, I have two possible ideas :
> - filtering the user ressource file to remove "dangerous"
> ressource elements
> - adding an option to mhonarc to define a "ressource
> directory" (the "user root" directory), if this option
> is used, then all files name should be relative to this
> directory ('..' would be then forbidden)
Overwriting files can be avoided with the use of Unix permissions and
ownership. I.e. The uid of the process(es) that run mhonarc should be
different from the uids that own your .htaccess and other important
files. Also, if using Apache, configure it to not allow option
overrides, or restrict to a small subset of options, to prevent
security holes from malicious users.
You could also have mhonarc run in a chrooted environment so
file access is restricted to a subset of your file system.
Another option is to provide a custom front-end for mhonarc resource
configuration that only allows customization of a subset of mhonarc
resources. This may be beneficial if the archives must at least
follow some kind of style for your website.
--ewh
[Index of Archives]
[Bugtraq]
[Yosemite News]
[Mhonarc Home]