[FoLUG] sudo and php
G.Camozzi
folug@lists.linux.it
Wed, 16 Jan 2002 08:19:15 +0100
Hello everyone,
these two news items might interest you; I'm cross-posting them
if that's allowed:
in sudo that can be exploited to obtain root privilege because sudo is
installed setuid root. An attacker could trick sudo to log failed sudo
calls executing the sendmail (or equivalent mailer) program with root
privileges and an environment that is not completely clean. This problem
has been fixed upstream by the author in sudo 1.6.4 and it is highly
recommended that all users upgrade regardless of what mailer you are using.
The other bug concerns PHP: essentially it is possible to spoof the id
of PHP sessions, because those ids are stored in /tmp.
Gunzour (the guy who discovered the bug) suggests this procedure
to avoid the problem:
mkdir /tmp/php_sessions/
You have to adjust the path in php.ini for this. Then chown it to apache
chown www-data: php_sessions
And make sure to take away "r". r means "listing a directory". Apache
only has to be able to "go into it" = x = 1, and "write" = w = 2.
1 + 2 = 3, so
chmod 300 php_sessions
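The same three steps as a script that also verifies the resulting mode and checks that php.ini's session.save_path points at the new directory. This is an added example, not part of the original post or Gunzour's advice; the directory path, the owner name and the php.ini location are assumptions, and chown is only attempted when the script runs as root.

```shell
#!/bin/sh
# Added example: harden a private PHP session directory as described above.
# Assumptions: the path, the owner (www-data) and the php.ini location.
set -eu

# Create the directory, hand it to the web server user and set mode 300
# (w=2 + x=1): Apache may enter and write, but nobody can list it.
harden_session_dir() {
    dir="$1"; owner="$2"
    mkdir -p "$dir"
    # chown needs root; skip it when running unprivileged (e.g. in a test)
    if [ "$(id -u)" -eq 0 ] && id "$owner" >/dev/null 2>&1; then
        chown "$owner": "$dir"
    fi
    chmod 300 "$dir"
}

# Print the octal permission bits of a path (GNU stat first, BSD fallback)
perm_of() {
    if stat -c '%a' "$1" >/dev/null 2>&1; then
        stat -c '%a' "$1"
    else
        stat -f '%Lp' "$1"
    fi
}

# Succeed only if the directory exists and carries exactly mode 300
check_session_dir() {
    [ -d "$1" ] && [ "$(perm_of "$1")" = "300" ]
}

# Succeed only if php.ini sets session.save_path to the given directory
save_path_matches() {
    ini="$1"; dir="$2"
    grep -E '^[[:space:]]*session\.save_path[[:space:]]*=' "$ini" \
        | sed -E 's/^[^=]*=[[:space:]]*"?([^";]*)"?.*/\1/; s/[[:space:]]*$//' \
        | grep -qx -- "$dir"
}
```

Run it as root against the real path from php.ini; the owner may no longer `ls` the directory afterwards, which is the intended effect.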
Anyone who wants to read the original post can find it here:
http://www.securityfocus.com/archive/1/250196
So go and do your update.
ByeZ!