Re: Unix links subverting Web security
On Thu, 26 Oct 1995, Steff Watkins wrote:
....
> ln -s /etc/passwd test.doc
>
> I then called this file across the network from another machine (albeit
> within the .bris.ac.uk domain) using netscape and the simple user specific
> URL of '~ccsw/test.doc'.
>
> What I got back was a nicely pre-formatted copy of my '/etc/passwd' file.
....
> So, the question is:
>
> Is there a standard way of stopping this, by configuration or some other
> means at source, that is the WebServer itself? Or, do I have to ritually
> scan my filesystem for links to potentially dangerous systems files and
> delete them??

There are two issues here. One is whether you trust your users in some
fashion not to do stupid|dangerous things. For example, there's not much
difference between creating a link like this and posting the passwd file
to alt.test or alt.2600. Anonymously, of course :) You might also
consider that "telnet your_host finger" will usually result in a list of
all the users anyway.

After users, the server is an issue. Within Unix a "chroot" can be done
so that links like you created go nowhere because root is really
/var/www. CERN is actually a very easy server to set up this way by
adding about 10 lines to the function HTUserInit.c. If anyone wants the
mods, let me know.

Most of the servers can be set up this way. In fact, other daemons like
FTP have been running chrooted for years.

--- David Miller
----------------------------------------------------------------------------
It's *amazing* what one can accomplish when
one doesn't know what one can't do!
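
A per-request containment check that approximates, inside the server, what the chroot described above enforces in the kernel. This is an added example, not part of the original post and not the CERN modifications it mentions; the helper name `resolves_inside` and the directory tree are constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1: path resolves (all symlinks followed) inside docroot; 0: it escapes;
 * -1: unresolvable. Serve only on 1. Hypothetical helper, not CERN code.
 * Caveat: a link can be swapped between this check and the later open();
 * chroot avoids that because the kernel confines the lookup itself. */
int resolves_inside(const char *docroot, const char *path)
{
    char root[PATH_MAX], real[PATH_MAX];
    size_t n;
    if (!realpath(docroot, root) || !realpath(path, real))
        return -1;
    n = strlen(root);
    if (n == 1) return 1;              /* docroot is "/" */
    if (strncmp(root, real, n) != 0)
        return 0;
    /* Match must end on a component boundary: www must not match www-private. */
    return real[n] == '/' || real[n] == '\0';
}

/* Constructed tree: <tmp>/www is the document root; test.doc inside it links
 * to a stand-in password file in the sibling directory <tmp>/www-private.
 * Returns 0 when the real file is accepted and the link is rejected. */
int demo(void)
{
    char base[] = "/tmp/linkdemo-XXXXXX", www[PATH_MAX], priv[PATH_MAX];
    char page[PATH_MAX], secret[PATH_MAX], lnk[PATH_MAX];
    FILE *f;
    if (!mkdtemp(base)) return -1;
    snprintf(www, sizeof www, "%s/www", base);
    snprintf(priv, sizeof priv, "%s/www-private", base);
    snprintf(page, sizeof page, "%s/www/index.html", base);
    snprintf(secret, sizeof secret, "%s/www-private/passwd", base);
    snprintf(lnk, sizeof lnk, "%s/www/test.doc", base);
    if (mkdir(www, 0755) || mkdir(priv, 0755)) return -1;
    if (!(f = fopen(page, "w")) || fclose(f)) return -1;
    if (!(f = fopen(secret, "w")) || fclose(f)) return -1;
    if (symlink("../www-private/passwd", lnk)) return -1;
    return !(resolves_inside(www, page) == 1 && resolves_inside(www, lnk) == 0);
}

int main(void) { printf("demo: %s\n", demo() ? "FAIL" : "ok"); return 0; }
```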