This is the comment you were replying to, attached to the article Apache log files - per site log files:
#7 Re: Apache log files - per site log files
Posted by simonw (212.24.xx.xx) on Thu 1 Dec 2005 at 11:18

Okay, let's describe the problem in more detail. Create a typical scenario; let's make it harder by setting sticky bits, and ensure the logs directory is owned by root. (# - root prompt, $ - not root)

    su -
    # cd ~simon
    # mkdir logs
    # chmod 1755 logs
    # touch logs/access.log
    # ls -l logs/access.log
    -rw-r--r-- 1 root root 0 Dec 1 10:34 logs/access.log

Repeat for the error log. Configure apache as appropriate. But since "simon" has write permissions to "/home/simon", he can rename files and directories in "/home/simon".

    su - simon
    $ rm -rf logs
    rm: cannot remove `logs/access.log': Permission denied
    $ mv logs logs.old

Okay, we have got rid of all those irritating permissions. Then as "simon", or as "www-data" (e.g. a CGI script could be uploaded to system("ln -s ...") if you allow arbitrary CGI scripts):

    $ mkdir logs
    $ cd logs
    $ ln -s /etc/demo error.log
    # apache2ctl restart
    # ls -l /etc/demo
    -rw-r--r-- 1 root root 0 Dec 1 10:56 /etc/demo

We've just created a file, but could equally have overwritten an important file. This allows a user with a password, or, if "logs" is insecure, a CGI vulnerability, to write or truncate arbitrary files owned by root. I didn't check to see if it will overwrite files with "read" file permissions but...

Obviously we could "deny service" or set some nasty problems...

    ln -s /etc/passwd error.log

Or hosts.deny, or ftpusers, or even /boot/grub/menu.lst. But typically the "bad guys" will know how to use this kind of weakness to acquire root privileges, because that is what they do.

It isn't a big hole in the scheme of Linux security; it isn't typically a remote root exploit, unless "logs" is writable by "www-data", but I think you are missing something.

vlogger does seem to address my needs, although I need to check if it can be made to do precisely what we want.
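The following is an added example and not part of simonw's comment or of Apache. It reproduces the symlink trick in a throw-away directory (no root needed: the writer and the "attacker" are the same user, but the open-through-symlink behaviour is identical), and then shows a pre-flight check an admin can run on a log path before handing it to a daemon that opens logs as root. The function names (demo_symlink_follow, check_logpath) and the directory layout are assumptions made for the example; the check generalises the comment's point, flagging not only a symlink at the log path but any ancestor directory between the file and a trusted root that is a symlink, is group/other writable, or is owned by someone other than the trusted root's owner.

```shell
#!/bin/sh
# Added example, not from the original comment. Assumed names:
# demo_symlink_follow, check_logpath, and the $work/home/simon/logs layout.

# Reproduce the attack: a log writer that opens "$1" for append, exactly as a
# shell redirection or a daemon that does not use O_NOFOLLOW would. Because
# error.log is a (dangling) symlink, the append creates the target instead.
# Prints the path that actually received data.
demo_symlink_follow() {
    work=$1
    mkdir -p "$work/home/simon/logs" "$work/etc"
    # attacker step from the comment: error.log -> a path only root should own
    ln -s "$work/etc/demo" "$work/home/simon/logs/error.log"
    # "root" step: the writer appends through the link
    printf '[error] test line\n' >> "$work/home/simon/logs/error.log"
    if [ -f "$work/etc/demo" ]; then
        echo "$work/etc/demo"
        return 0
    fi
    return 1
}

# Pre-flight check for a path that a root-running daemon will open for
# writing. Walks from the file up to (not including) the trusted ancestor
# "$2" and rejects: a symlink anywhere on the way, a directory or file that is
# group/other writable, or a component owned by someone other than the owner
# of "$2". Echoes the first offending component and returns 1; returns 0 if
# the whole chain is clean. Paths must be absolute.
check_logpath() {
    p=$1
    trusted=$2
    set -- $(ls -ld "$trusted")
    want_owner=$3
    while [ "$p" != "$trusted" ] && [ "$p" != "/" ]; do
        if [ -L "$p" ]; then
            echo "symlink: $p"
            return 1
        fi
        if [ -e "$p" ]; then
            set -- $(ls -ld "$p")
            mode=$1
            owner=$3
            # positions 6 and 9 of the mode string are group and other write
            case $mode in
                ?????w*|????????w*)
                    echo "group/other writable: $p"
                    return 1 ;;
            esac
            if [ "$owner" != "$want_owner" ]; then
                echo "owned by $owner, not $want_owner: $p"
                return 1
            fi
        fi
        p=$(dirname "$p")
    done
    return 0
}
```

Against the comment's own layout, `check_logpath /home/simon/logs/error.log /home` stops at the directory the user can rename and prints "owned by simon, not root: /home/simon", even though logs itself is root-owned with the sticky bit set; a path such as /var/log/apache2/simon/error.log, where every component is root-owned and not group/other writable, passes. The check is only a configuration-time guard: it does not stop a user who can rename a parent directory afterwards, which is why the log directory chain needs to be root-owned all the way down.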