Bugtraq mailing list archives
apache+ssl 1.13 symlink problem
From: ondrej () EUREXA CZ (Ondrej Suchy)
Date: Tue, 24 Mar 1998 17:43:21 +0000
Hi all.

Sorry if this was already mentioned, but ... Apache SSL server has a similar symlink problem as updatedb (and thousands of other programs). I don't know about the other versions, but at least ssl 1.13 patch for apache 1.2.5 contains the following line in default configuration:

    SSLLogFile /tmp/ssl.log

which makes httpsd log its activity to that file. Any file can be linked to /tmp/ssl.log and httpsd will happily append something like "CIPHER is blah-blah" to it. I could not make it to root access, but I can't say it's impossible. (Maybe through .rhosts?)

Note that this problem is not affected by setting the User and Group directives in the configuration to nobody or other unprivileged user, since httpd often starts as root, writes to log files and THEN changes its uid.

(There is probably the same problem with /tmp/ssldebug log file, I didn't test it.)

Regards
Ondrej

--
Ondrej Suchy
ondrej.suchy () saltek cz http://home.onestop.net/volkifan
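For reference, a defensive way for a daemon to open a log file that may live in a world-writable directory such as /tmp. This is an added example, not code from the original post or from Apache-SSL; the names open_log_safely and demo_symlink_refused and the temporary paths are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open a log for appending. Refuse a symlink at the final path component,
 * a hard-linked file, a non-regular file, or a file owned by another user. */
int open_log_safely(const char *path)
{
    struct stat st;
    /* O_NOFOLLOW: fail on a planted symlink; O_NONBLOCK: never hang on a FIFO */
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW |
                        O_NONBLOCK | O_CLOEXEC, 0600);
    if (fd < 0)
        return -1;
    /* Check the object actually opened, not the path, so there is no race. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_nlink != 1 || st.st_uid != geteuid()) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed self-check in a private temp directory: returns 1 when a
 * symlinked log path is refused, its target stays empty, and a plain
 * log path is still accepted and written. */
int demo_symlink_refused(void)
{
    char dir[] = "/tmp/logdemo.XXXXXX", victim[64], link_path[64], plain[64];
    struct stat st;
    int fd, ok;

    if (!mkdtemp(dir))
        return 0;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(link_path, sizeof link_path, "%s/ssl.log", dir);
    snprintf(plain, sizeof plain, "%s/plain.log", dir);
    fd = open(victim, O_WRONLY | O_CREAT, 0600);  /* empty stand-in target */
    if (fd < 0 || symlink(victim, link_path) != 0)
        return 0;
    close(fd);
    ok = open_log_safely(link_path) == -1;
    ok = ok && stat(victim, &st) == 0 && st.st_size == 0;
    fd = open_log_safely(plain);
    ok = ok && fd >= 0 && write(fd, "CIPHER is ...\n", 14) == 14;
    if (fd >= 0) close(fd);
    unlink(link_path); unlink(victim); unlink(plain); rmdir(dir);
    return ok;
}

int main(void) { return demo_symlink_refused() ? 0 : 1; }
```

O_NOFOLLOW only covers the last path component, so the directory holding the log should also be writable only by the user the server starts as.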