Vulnerability Development mailing list archives

Re: apache + .htpasswd - bypass pwd check


From: Jose Nazario <jose () monkey org>
Date: Thu, 25 Apr 2002 12:19:45 -0400 (EDT)

On 25 Apr 2002, Hallberg Tom wrote:


Okay, let's say that user ivan has protected his
/home/ivan/public_html/topsecret directory. And on the same server we
have the user johan; from his public_html directory we make a symlink
ln -s /home/ivan/public_html/topsecret test okay so then johan tries
http://www.hostname.whatever/~johan/test he will end up in ivan's
topsecret directory..

old news:
        http://www.humanfactor.com/cgi-bin/cgi-delegate/apache-ML/nh/1997/May/0397.html

fix:
        http://www.freebsddiary.org/protected.php

summary:
        Options -FollowSymLinks +SymLinksIfOwnerMatch or something similar


sorry, my apache is a bit rusty. however, it's a known issue and should be
configurable around.

___________________________
jose nazario, ph.d.                     jose () monkey org
                                        http://www.monkey.org/~jose/
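
An audit for the situation described in this thread, as an added example that is not part of the original post: it walks a web tree and lists symlinks whose target is owned by a different user than the link, the owner comparison that SymLinksIfOwnerMatch makes. The function name and its `lstat`/`stat` hook parameters are assumptions made for this example, and the sample tree is constructed.

```python
import os
import tempfile


def cross_owner_symlinks(root, lstat=os.lstat, stat=os.stat):
    """List symlinks under root whose target has a different owner.

    Returns (link, resolved_target, link_uid, target_uid) tuples. The lstat
    and stat parameters are hooks for this example so the check can be
    exercised without root; they default to the real system calls.
    """
    findings = []
    # followlinks=False: report links to directories, never descend into them.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in sorted(dirnames + filenames):
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            link_uid = lstat(path).st_uid          # owner of the link itself
            try:
                target_uid = stat(path).st_uid     # owner of what it resolves to
            except OSError:
                continue                           # dangling link or symlink loop
            if link_uid != target_uid:
                findings.append(
                    (path, os.path.realpath(path), link_uid, target_uid))
    return findings


if __name__ == "__main__":
    # Constructed sample tree: a public_html holding one link to a file the
    # same user owns and one link to "/", which is normally owned by root.
    with tempfile.TemporaryDirectory() as base:
        pub = os.path.join(base, "public_html")
        os.mkdir(pub)
        own = os.path.join(pub, "notes.txt")
        open(own, "w").close()
        os.symlink(own, os.path.join(pub, "notes-link"))
        os.symlink("/", os.path.join(pub, "test"))
        for link, target, l_uid, t_uid in cross_owner_symlinks(pub):
            print(f"{link} (uid {l_uid}) -> {target} (uid {t_uid})")
```

Each entry it reports is a link whose owner differs from its target's owner, which is the condition SymLinksIfOwnerMatch tests before following a link.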

