Full Disclosure mailing list archives
Re: Phun With Apache
From: Graham Reed <greed () pobox com>
Date: Mon, 11 Apr 2005 18:43:13 -0400
On Apr 1, 2005, at 4:19 AM, duper () willhackforfood biz wrote:
## Apache follows symbolic links referenced by public_html!
## Even when SymLinksifOwnerMatch is set and FollowSymLinks is not!
## A super-easy way to gain read access on files owned by the apache user!
It's not (only) a mod_userdir problem. I found the problem is fully reproducible on the intranet server I run--but it does not use mod_userdir. It gets its work done with AliasMatch directives.
I currently believe the culprit is that the <Directory> and <DirectoryMatch> directives are allowing symbolic links without following the ifOwnerMatch part of the directive.
-- "Dead people don't send spam."
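A defender-side check related to the behaviour discussed in this message, as an added example that is not part of the original post or of Apache: a Python audit that walks a served directory and lists symbolic links whose owner differs from the owner of the target, the condition SymLinksIfOwnerMatch is meant to refuse. The function names and the temporary sample tree are constructed for illustration.

```python
import os
import stat
import tempfile


def audit_symlinks(root):
    """Return (path, target, reason) for every symlink under root that an
    owner-match policy would refuse, or that cannot be resolved."""
    findings = []
    # followlinks=False: linked directories are listed but never descended.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            link_st = os.lstat(path)          # the link itself
            if not stat.S_ISLNK(link_st.st_mode):
                continue
            target = os.path.realpath(path)
            try:
                target_st = os.stat(path)     # follows the link
            except OSError:                   # dangling link or link loop
                findings.append((path, target, "unresolvable"))
                continue
            if link_st.st_uid != target_st.st_uid:
                findings.append((path, target, "owner-mismatch"))
    return findings


def build_demo_tree(base):
    """Constructed sample: a public_html with a same-owner link, a link to
    '/' (outside the tree) and a dangling link."""
    docroot = os.path.join(base, "public_html")
    os.mkdir(docroot)
    page = os.path.join(docroot, "index.html")
    with open(page, "w") as fh:
        fh.write("hello\n")
    os.symlink(page, os.path.join(docroot, "same-owner.html"))
    os.symlink("/", os.path.join(docroot, "rootdir"))
    os.symlink(os.path.join(base, "missing"), os.path.join(docroot, "gone"))
    return docroot


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for path, target, reason in audit_symlinks(build_demo_tree(base)):
            print(f"{reason:15} {path} -> {target}")
```

Run against each directory the server exposes through Alias, AliasMatch or UserDir mappings; any `owner-mismatch` entry is a link that should not be reachable if the owner check is being enforced.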