Re: Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Re: Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure
- From: Hv5hA5ms@xxxxxxxxxxxxxxx
- Date: Thu, 8 Aug 2013 12:22:09 GMT
This is in no way an exploit.
Apache behaviour is as expected.
When a user has the ability to activate FollowSymlinks and to create symlinks
- then this is the fault of the systems operator.
In no way has this anything to do with suEXEC.
suEXEC *does not* disallow read access via HTTP requests to files owned by
www-data. Everybody should know that only the cgi/php/whatever scripts are run
as the configured suexec uid/gid, but static files served by apache are read via
the www-data user.
Creating a symlink named 'test99.php' only adds confusion but has nothing to do
with the fact that there is no exploit.
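
An operator-side check for the condition the message describes, as an added example that is not part of the original post: it audits one user's document root for `.htaccess` files that switch FollowSymLinks on and for symlinks that resolve outside the docroot or to a file with a different owner. The function names and the one-docroot-per-user layout are assumptions made for illustration.

```python
import os

def htaccess_enables_follow(path):
    """True if an Options line in this .htaccess turns FollowSymLinks on."""
    with open(path, errors="replace") as fh:
        for line in fh:
            tokens = line.split()
            if tokens and tokens[0].lower() == "options":
                # "FollowSymLinks" and "+FollowSymLinks" enable it; "-FollowSymLinks" does not.
                if any(t.lower().lstrip("+") == "followsymlinks" for t in tokens[1:]):
                    return True
    return False

def audit_docroot(docroot):
    """Return (kind, path, detail) findings for one user's document root."""
    root = os.path.realpath(docroot)
    findings = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                try:
                    target_uid = os.stat(path).st_uid  # owner of the link target
                except OSError:
                    continue  # dangling link, nothing would be served
                target = os.path.realpath(path)
                if target_uid != os.lstat(path).st_uid:
                    # The case that Options SymLinksIfOwnerMatch refuses to follow.
                    findings.append(("owner-mismatch", path, target))
                elif os.path.commonpath([root, target]) != root:
                    findings.append(("outside-docroot", path, target))
            elif (name == ".htaccess" and os.path.isfile(path)
                  and htaccess_enables_follow(path)):
                findings.append(("follow-enabled", path, "Options FollowSymLinks"))
    return findings

if __name__ == "__main__":
    import sys
    # Usage: python audit.py /path/to/user/docroot (defaults to the current directory)
    for finding in audit_docroot(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(*finding, sep="\t")
```

Findings only matter where the server configuration lets users override `Options`; the script does not read the main Apache configuration.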