Re: Secure system calls -- how

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Richard Lynch wrote:

> Perhaps the reason there is no article or tutorial is that it would be a
> book, not an article or tutorial :-)
> 
> There are so MANY affected/related software system pieces that you can't
> do it justice in an article or tutorial, I suspect.
Quite true. However, warnings about "don't do this or that", "an attacker
may use this" and so on are numerous, but advice on what to do about it is
rarer. And this thing with system calls is a good example: I can find many
warnings about not doing it, but not a single piece of advice about how to
do it when it's actually necessary.

 
> The interaction between your scripts, the OS, PHP and every other script
> or piece of software on the system comes into play once you start granting
> special privileges to the PHP user.
> 
> Here's a method you could easily miss:
> Create a JPEG that looks like a JPEG in its header, but has malevlolent
> PHP code in it.
> Then, upload that JPEG to your server as an avatar or whatever through
> some kind of file upload anywhere on the system.
> Then, surf to that image with variations on ".php" in the URL in an
> attempt to get PHP to execute that image as PHP code.
True, and I do have file uploads for privileged users. I check the files,
but how can I be sure? Your example is good, it's very easy to miss the
problem with code in a file -- but where's the solution?

 
> This is exactly the kind of thing that *CAN* happen by successive small
> minor mistakes taken one at a time over years of a server build-up, none
> of which in and of themselves will be obvious as a problem, until too
> late.
Good point, but that's a danger with all programs. Maybe this is a good
reason to use tried-and-tested modules like PEAR -- but they can be faulty
as well.

My main point isn't that I want to be 100% certain nothing will ever go
wrong with my program. That's quite unrealistic. But I'm looking for
solutions to the problems everybody's pointing out.


Thanks again,
Niels

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux