phpsuexec的安全性 [英] security of phpsuexec
问题描述
一个特定的网络托管公司决定在他们的网络服务器的所有
上安装phpsuexec,理由是出于安全考虑。我的问题是......
它真的更安全吗?
如果没有phpsuexec,如果PHP脚本要创建新文件,那么公开
需要在特定目录上启用
写入权限,因为
PHP以用户''nobody''运行。
但是使用phpsuexec, ,那不是必需的。 phpsuexec作为
root用户运行。
问题是......如果PHP存在漏洞会发生什么?
脚本?如果某人有这样的PHP脚本会发生什么?:
<?php
eval($ _ GET [''cmd'']);
?>
如果没有phpsuexec,攻击者唯一能做的就是
操纵*做*公开的文件写权限。然而,使用
phpsuexec,攻击者可以做任何他想要的任何文件。
基本上,phpsuexec在我看来,如果你假设PHP应用程序根本不包含
漏洞,那么我认为这只是一个很好的方法来获得
安全性。这是一个愚蠢的假设。这就像是相信
只是因为你运行Windows XP SP3并且安装了每次更新
,你不需要防火墙。
也许我错过了什么?或者,phpsuexec只是,平坦,一个糟糕的想法?
_GET [''cmd'']) ;
?>
如果没有phpsuexec,攻击者唯一能做的就是
操纵*做*的文件有公共写权限。然而,使用
phpsuexec,攻击者可以做任何他想要的任何文件。
基本上,phpsuexec在我看来,如果你假设PHP应用程序根本不包含
漏洞,那么我认为这只是一个很好的方法来获得
安全性。这是一个愚蠢的假设。这就像是相信
只是因为你运行Windows XP SP3并且安装了每次更新
,你不需要防火墙。
也许我错过了什么?或者phpsuexec只是,平坦,一个糟糕的想法?
yawnmoth写道:
一个特定的网络托管公司决定在他们的网络服务器的所有
上安装phpsuexec,理由是出于安全考虑。我的问题是......
它真的更安全吗?
如果没有phpsuexec,如果PHP脚本要创建新文件,那么公开
需要在特定目录上启用
写入权限,因为
PHP以用户''nobody''运行。
但是使用phpsuexec, ,那不是必需的。 phpsuexec作为
root用户运行。
问题是......如果PHP存在漏洞会发生什么?
脚本?如果某人有这样的PHP脚本会发生什么?:
<?php
eval(
_GET [''cmd'']);
?>
如果没有phpsuexec,攻击者唯一能做的就是
操纵* do *具有公共写权限的文件。然而,使用
phpsuexec,攻击者可以做任何他想要的任何文件。
基本上,phpsuexec在我看来,如果你假设PHP应用程序根本不包含
漏洞,那么我认为这只是一个很好的方法来获得
安全性。这是一个愚蠢的假设。这就像是相信
只是因为你运行Windows XP SP3并且安装了每次更新
,你不需要防火墙。
也许我错过了什么?或者phpsuexec只是,平坦,一个糟糕的想法?
实际上,IIRC,phpsuexec像你一样运行脚本,而不是root用户。
如果他们将它设置为以root身份运行,则他们没有正确配置
。
-
==================
删除x来自我的电子邮件地址
Jerry Stuckle
JDS计算机培训公司
js ******* @ attglobal.net
==================
A particular web hosting company decided to install phpsuexec on all
their webservers, citing security considerations. My question is...
is it really more secure?
Without phpsuexec, if a PHP script is to create new files, public
write permission needs to be enabled on the particular directory since
PHP is ran as user ''nobody''.
With phpsuexec, however, that''s not needed. phpsuexec runs as the
root user.
The problem is... what happens if there''s a vulnerability in a PHP
script? What happens if someone has a PHP script like this?:
<?php
eval($_GET[''cmd'']);
?>
Without phpsuexec, the only thing an attacker could do is to
manipulate files that *do* have public write permission. With
phpsuexec, however, an attacker can do whatever he wants to to pretty
much any file.
Basically, phpsuexec seems to me to only be a good approach to
security if you assume that PHP applications simply do not contain
vulnerabilities. Which is a dumb assumption. That''s like believing
that just because you''re running Windows XP SP3 with every update
installed that you don''t need a Firewall.
Maybe I''m missing something? Or is phpsuexec just, flat out, a bad
idea?
_GET[''cmd'']);
?>
Without phpsuexec, the only thing an attacker could do is to
manipulate files that *do* have public write permission. With
phpsuexec, however, an attacker can do whatever he wants to to pretty
much any file.
Basically, phpsuexec seems to me to only be a good approach to
security if you assume that PHP applications simply do not contain
vulnerabilities. Which is a dumb assumption. That''s like believing
that just because you''re running Windows XP SP3 with every update
installed that you don''t need a Firewall.
Maybe I''m missing something? Or is phpsuexec just, flat out, a bad
idea?
yawnmoth wrote:A particular web hosting company decided to install phpsuexec on all
their webservers, citing security considerations. My question is...
is it really more secure?
Without phpsuexec, if a PHP script is to create new files, public
write permission needs to be enabled on the particular directory since
PHP is ran as user ''nobody''.
With phpsuexec, however, that''s not needed. phpsuexec runs as the
root user.
The problem is... what happens if there''s a vulnerability in a PHP
script? What happens if someone has a PHP script like this?:
<?php
eval(
_GET[''cmd'']);
?>
Without phpsuexec, the only thing an attacker could do is to
manipulate files that *do* have public write permission. With
phpsuexec, however, an attacker can do whatever he wants to to pretty
much any file.
Basically, phpsuexec seems to me to only be a good approach to
security if you assume that PHP applications simply do not contain
vulnerabilities. Which is a dumb assumption. That''s like believing
that just because you''re running Windows XP SP3 with every update
installed that you don''t need a Firewall.
Maybe I''m missing something? Or is phpsuexec just, flat out, a bad
idea?
Actually, IIRC, phpsuexec runs the scripts as you, not as the root user.
If they have it set up to run as root, they haven''t configured it
properly.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
这篇关于phpsuexec的安全性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
