[CLUE-Tech] Cracking websites
David Anselmi
anselmi at anselmi.us
Mon Feb 23 08:46:57 MST 2004
Jed S. Baer wrote:
> Hi Folks.
>
> I'm wondering about website security. In a shared hosting environment,
> under Apache, is there anything to prevent me from reading other users'
> files -- that is, any files which must be readable by the httpd user for
> the site to function?
[...]
> This seems like such an obvious crack, I have to think there's a standard,
> effective measure to prevent it. Presumably something in the virtual
> hosting setup that creates the equivalent of a chroot jail -- or is that
> possible only using a virtual server?

You're basically asking for a way for a hosting company to provide
access controls to their customers' scripts. Seems like the standard
Unix permission stuff is what you need. So fundamentally, Apache has to
run scripts as the appropriate user, don't you think?

There seem to be two choices. You can have Apache change its user id
before running customer code. That's what suEXEC is for. Getting
different results from it using different URLs seems like
misconfiguration to me.

Or you can run Apache itself as the appropriate user. Give each
customer a separate IP address (or at least port) and a config to listen
on that port and start as many Apaches as you need. Offhand that seems
less scalable than suEXEC, but maybe it isn't as bad as it seems.

Using chroot, User Mode Linux, or other virtual machine technology seems
like extensions of the above.

I'd be interested to know how the pros do it. Maybe there are some
papers out there...

Dave
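
An added example, not part of the original post: a small audit of the Unix permission point made in the reply, listing which files in a customer's tree are readable by a shared httpd identity (and so by any other tenant's script) versus readable only when scripts run as the file owner, as under suEXEC. The directory layout, file names and the "uid + 1" shared identity are constructed for illustration; root's override and POSIX ACLs are not modelled.

```python
import os
import stat
import tempfile

def class_bits(st, uid, gids):
    """rwx bits the kernel applies to (uid, gids); root and ACLs are not modelled."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7  # owner class only, even if group/other grant more
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def readable_files(root, uid, gids):
    """Regular files under root that a process running as (uid, gids) can open for reading."""
    found = []
    for dirpath, dirnames, filenames in os.walk(root):
        # Without search (x) permission on a directory, nothing below it is reachable.
        dirnames[:] = [d for d in dirnames
                       if class_bits(os.lstat(os.path.join(dirpath, d)), uid, gids) & 1]
        for name in filenames:
            st = os.lstat(os.path.join(dirpath, name))
            if stat.S_ISREG(st.st_mode) and class_bits(st, uid, gids) & 4:
                found.append(os.path.relpath(os.path.join(dirpath, name), root))
    return sorted(found)

def demo():
    """Build a constructed customer docroot and audit it from both points of view."""
    layout = {"public/index.php": 0o644, "public/config.php": 0o644,
              "public/db.ini": 0o600, "private/backup.sql": 0o644}
    with tempfile.TemporaryDirectory() as root:
        for rel, mode in layout.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.chmod(path, mode)
        os.chmod(os.path.join(root, "public"), 0o755)
        os.chmod(os.path.join(root, "private"), 0o700)
        owner = os.lstat(os.path.join(root, "public"))
        # Hypothetical shared httpd identity: not the owner, not in the owner's group.
        shared = readable_files(root, owner.st_uid + 1, {owner.st_gid + 1})
        # suEXEC case: the customer's scripts run as the file owner.
        as_owner = readable_files(root, owner.st_uid, {owner.st_gid})
    return shared, as_owner

if __name__ == "__main__":
    shared, as_owner = demo()
    print("readable by any tenant's script under a shared httpd user:", shared)
    print("readable only when scripts run as the owner:", sorted(set(as_owner) - set(shared)))
```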