Bugtraq mailing list archives
Re: Mandrake 5.3/7.0, RedHat 5.2/5.3/6.0 + Apache BUG
From: Daniel Garcia <dgarcia () HOLLYFELD ORG>
Date: Tue, 1 Aug 2000 16:29:52 -0400
On Mon, 31 Jul 2000, Kasatenko Ivan Alex. wrote:
Lately my users helped me (in a way they call this ``hacking'' :) to discover one unpleasant feature: the home directory of the ``nobody'' user is "/" on most Mandrake's and RedHat's (any others?) I've seen, and with such a setting in the httpd.conf (I assume this is typical?)...

# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.
UserDir ./..

any user may go to, for example, http://www.malconfigured-host.com/~nobody/etc/ and get a list of files in the /etc directory. I assume this is a hole.
UserDir is actually typically set to public_html - or some such. I have never seen a site set up with UserDir set to './' - but needless to say, that's a Very Bad[tm] way to set things up. I'm fairly certain that default installs of apache (and the distros that install apache by default) have this set to public_html.

Cheers,
--Dg

"We must know; we will know" (Wir müssen wissen; wir werden wissen) | http://hollyfeld.org | http://silentnoise.org | http://aumlaut.net | email/dgarcia () silentnoise org | mp3/www.mp3.com/sol3
Listen to Silent Screams: http://silentnoise.org/screams
np on Silent Screams: Aumlaut 4.1 by Aumlaut
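[Editor's note, not part of either message above] The thread turns on how mod_userdir joins a user's home directory, the UserDir value and the rest of the request path: with nobody's home set to "/" and "UserDir ./..", /~nobody/etc/ lands on /etc. The script below is an added example (not Apache's code and not posted by either author) that models that mapping for the relative, absolute and "*" forms of UserDir plus the "disabled"/"enabled" lists, and audits a passwd file against an httpd.conf excerpt to list the accounts whose ~user root is an ancestor of /etc. The passwd lines and both config excerpts are constructed for the example; the function names are my own.

```python
"""Model how Apache's mod_userdir maps /~user/rest to a filesystem path, so a
UserDir setting can be audited against the accounts in /etc/passwd.
Added example: the passwd lines and config excerpts are constructed, and the
code is not Apache's own."""
import posixpath

# Constructed /etc/passwd excerpt: "nobody" has home "/", as in the report.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
nobody:x:99:99:Nobody:/:/sbin/nologin
alice:x:500:500:Alice:/home/alice:/bin/bash
"""

# Constructed httpd.conf excerpts: the misconfiguration from the thread, and
# the usual setting with the system accounts explicitly excluded.
WEAK_CONF = """\
# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.
UserDir ./..
"""
FIXED_CONF = """\
UserDir public_html
UserDir disabled root nobody
"""


def parse_passwd(text):
    """Return {username: home directory} from passwd-format text."""
    homes = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and not line.startswith("#"):
            homes[fields[0]] = fields[5]
    return homes


def userdir_directives(conf):
    """Yield the argument string of every uncommented UserDir line."""
    for line in conf.splitlines():
        words = line.split()
        if words and words[0].lower() == "userdir":
            yield " ".join(words[1:])


class UserDirPolicy:
    """The subset of mod_userdir semantics relevant here:
    'UserDir dir', 'UserDir disabled [users...]', 'UserDir enabled users...'."""

    def __init__(self, conf):
        self.pattern = None
        self.all_disabled = False
        self.disabled, self.enabled = set(), set()
        for arg in userdir_directives(conf):
            self.apply(arg)

    def apply(self, arg):
        words = arg.split()
        if not words:
            return
        if words[0].lower() == "disabled":
            if len(words) == 1:
                self.all_disabled = True
            self.disabled.update(words[1:])
        elif words[0].lower() == "enabled":
            self.enabled.update(words[1:])
        else:
            self.pattern = words[0]

    def resolve(self, user, rest, homes):
        """Filesystem path served for /~user/rest, or None if not served."""
        if user in self.disabled or user not in homes or self.pattern is None:
            return None
        if self.all_disabled and user not in self.enabled:
            return None
        if "*" in self.pattern:                   # e.g. UserDir /home/*/www
            base = self.pattern.replace("*", user)
        elif self.pattern.startswith("/"):        # e.g. UserDir /usr/web -> /usr/web/<user>
            base = posixpath.join(self.pattern, user)
        else:                                     # relative to the home directory
            base = posixpath.join(homes[user], self.pattern)
        # normpath collapses "." and ".." the way the server's filesystem will
        return posixpath.normpath(posixpath.join(base, rest.lstrip("/")))


def exposed_users(policy, homes, sensitive="/etc"):
    """Users whose ~user root is "/" or another ancestor of `sensitive`."""
    found = []
    for user in homes:
        base = policy.resolve(user, "", homes)
        if base is not None and sensitive.startswith(base.rstrip("/") + "/"):
            found.append(user)
    return sorted(found)


if __name__ == "__main__":
    homes = parse_passwd(PASSWD)
    weak, fixed = UserDirPolicy(WEAK_CONF), UserDirPolicy(FIXED_CONF)
    print("weak:  /~nobody/etc/ ->", weak.resolve("nobody", "etc/", homes))
    print("weak:  exposed users ->", exposed_users(weak, homes))
    print("fixed: /~nobody/etc/ ->", fixed.resolve("nobody", "etc/", homes))
    print("fixed: /~alice/index.html ->", fixed.resolve("alice", "index.html", homes))
```

Note that the audit flags root as well as nobody under the weak setting, since "/root/./.." also collapses to "/", and that switching to public_html alone would still map /~nobody/ onto /public_html; the "UserDir disabled root nobody" line is what removes the system accounts from the ~user namespace entirely.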
Current thread:
- Mandrake 5.3/7.0, RedHat 5.2/5.3/6.0 + Apache BUG Kasatenko Ivan Alex. (Aug 01)
- Re: Mandrake 5.3/7.0, RedHat 5.2/5.3/6.0 + Apache BUG Daniel Garcia (Aug 01)