I have incorporated the suggestions made by Joshua, and I am resubmitting this patch for discussion. Again, any feedback is greatly appreciated, as it helps me get a better feel for what is expected going forward.
Thanks! allan Index: httpd-docs-1.3/htdocs/manual/misc/security_tips.html =================================================================== RCS file: /home/cvspublic/httpd-docs-1.3/htdocs/manual/misc/security_tips.html,v retrieving revision 1.25 diff -u -r1.25 security_tips.html --- httpd-docs-1.3/htdocs/manual/misc/security_tips.html 2001/10/02 15:40:07 1.25 +++ httpd-docs-1.3/htdocs/manual/misc/security_tips.html 2001/10/04 03:06:02 
@@ -95,15 +95,46 @@ <h2><a id="ssi" name="ssi">Server Side Includes</a></h2> - <p>Server side includes (SSI) can be configured so that users - can execute arbitrary programs on the server. That thought - alone should send a shiver down the spine of any sys-admin.</p> + <p>Server Side Includes (SSI), present a server administrator with + several potential security risks.</p> + + <p> + The first risk is the increased load on the server. All SSI-enabled + files have to be parsed by Apache, whether or not there are any SSI + directives included within the file. While this load increase is + minor, in a shared server environment it can become significant.</p> + + <p> + SSI files also pose the same risks that are associated with CGI scripts + in general. Using the "exec cmd" element, SSI-enabled files can execute + any CGI script or program that is owned by same userid as the user and + group configured in httpd.conf. That should definitely give server + administrators pause.</p> - <p>One solution is to disable that part of SSI. To do that you - use the IncludesNOEXEC option to the <a - href="../mod/core.html#options">Options</a> directive.</p> + <p> + There are ways to enhance the security of SSI files, while still taking + advantage of the benefits they provide.</p> - <p></p> + <p>To decrease the amount of damage a wayword SSI file can cause a + server administrator can enable <a href="../docs/suexec.html" + >suexec</a>. Suexec provides several levels of protection for a + server. It limits the users who can execute CGI scripts or programs + on the server (by restricting access only to the user and group defined + in httpd.conf). Suexec also checks to ensure all parsed files meet + its security standards prior to execution. + + <p> + Enabling SSI for files with .html or .htm extensions is probably a bad + idea. This is especially true in a shared, or heavily + trafficked, server environment. 
SSI-enabled files should have a + separate extension, such as the conventional .shtml. This helps keep + server load at a minimum, and increases security.</p> + + + <p>Another solution is to disable the #exec element within SSI. To do + this replace Options Includes with Options IncludesNOEXEC within the + <a href="../mod/core.html#options">Options</a> directive.</p> + <hr /> <h2><a id="nsaliasedcgi" name="nsaliasedcgi">Non Script Aliased -- Allan Liska [EMAIL PROTECTED] http://www.allan.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
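Review bot: the "exec cmd" paragraph in the new text frames the risk as a file-ownership restriction ("can execute any CGI script or program that is owned by same userid as the user and group configured in httpd.conf"), but the point the section needs to make is that whatever "exec cmd" runs executes with the privileges of the server's User and Group, whoever owns the program; suggest rewording to "can execute any program on the server, which then runs with the privileges of the User and Group configured in httpd.conf". Smaller points in the same hunk: the suexec paragraph (ending "prior to execution.") is missing its closing </p> before the next <p>; "wayword" should be "wayward"; the comma in "Server Side Includes (SSI), present" should be dropped; and "owned by same userid" is missing "the".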