[FoLUG]sudo e php

G.Camozzi folug@lists.linux.it
Wed, 16 Jan 2002 08:19:15 +0100

Salve a tutti,
forse queste due news potrebbero interessarvi, faccio un cross posting
se mi e' permesso:
in sudo that can be exploited to obtain root privilege because sudo is
installed setuid  root.
An attacker could trick sudo to log failed sudo calls executing
 the sendmail (or equivalent mailer) program with root privileges and an
 environment that is not completely clean.  This problem has
been fixed upstream by the author in sudo 1.6.4 and it is highly
recommended that
 all users upgrade regardless of what mailer you are using.

L'altro bug riguarda il PHP, sostanzialmente e' possibile spoofare l'id
nelle php sessions in quanto tali id sono memorizzati nella /tmp.
Gunzour (il tizio che ha scoperto il bug) suggerisce questa procedura
per evitare il problema.

mkdir /tmp/php_sessions/

You have to adjust the path in php.ini for this. Then chown it to apache

     chown www-data: php_sessions

   And make sure to take away "r". r means "listing a directory". Apache
   only has to be able to "go into it" = x = 1, and "write" = w = 2.
   1 + 2 = 3, so

     chmod 300 php_sessions

chi volesse leggere il post originale lo trova qui:

Quindi fate il vostro aggiornamento.