slive       01/10/05 14:23:46

  Modified:    htdocs/manual/misc security_tips.html
  Log:
  Some more detail about SSI security.
  With some changes by Chris Pepper, Cliff Woolley, and Joshua Slive.

  Submitted by: Allan Liska <[EMAIL PROTECTED]>

  Revision  Changes    Path
  1.26      +42 -8     httpd-docs-1.3/htdocs/manual/misc/security_tips.html

  Index: security_tips.html
  ===================================================================
  RCS file: /home/cvs/httpd-docs-1.3/htdocs/manual/misc/security_tips.html,v
  retrieving revision 1.25
  retrieving revision 1.26
  diff -u -d -b -u -r1.25 -r1.26
  --- security_tips.html	2001/10/02 15:40:07	1.25
  +++ security_tips.html	2001/10/05 21:23:46	1.26
@@ -95,15 +95,49 @@ <h2><a id="ssi" name="ssi">Server Side Includes</a></h2> - <p>Server side includes (SSI) can be configured so that users - can execute arbitrary programs on the server. That thought - alone should send a shiver down the spine of any sys-admin.</p> + <p>Server Side Includes (SSI) present a server administrator with + several potential security risks.</p> - <p>One solution is to disable that part of SSI. To do that you - use the IncludesNOEXEC option to the <a - href="../mod/core.html#options">Options</a> directive.</p> + <p> + The first risk is the increased load on the server. All SSI-enabled + files have to be parsed by Apache, whether or not there are any SSI + directives included within the files. While this load increase is + minor, in a shared server environment it can become significant.</p> - <p></p> + <p> + SSI files also pose the same risks that are associated with CGI + scripts in general. Using the "exec cmd" element, SSI-enabled + files can execute any CGI script or program under the permissions + of the user and group Apache runs as, as configured in httpd.conf. + That should definitely give server administrators pause.</p> + + <p> + There are ways to enhance the security of SSI files while still taking + advantage of the benefits they provide.</p> + + <p>To isolate the damage a wayward SSI file can cause, a server + administrator can enable <a href="../docs/suexec.html" + >suexec</a> as described in the <a href="#cgi">CGI in General</a> + section.</p> + + <p> + Enabling SSI for files with .html or .htm extensions can be + dangerous. This is especially true in a shared, or high traffic, + server environment. SSI-enabled files should have a separate + extension, such as the conventional .shtml. This helps keep + server load at a minimum and allows for easier management of + risk.</p> + + + <p>Another solution is to disable the ability to run scripts and + programs from SSI pages. 
To do this replace <code>Includes</code> + with <code>IncludesNOEXEC</code> in the <a + href="../mod/core.html#options">Options</a> directive. Note that + users may still use <--#include virtual="..." --> to execute + CGI scripts if these scripts are in directories desginated by a <a + href="../mod/mod_alias.html#ScriptAlias">ScriptAlias</a> + directive.</p> + <hr /> <h2><a id="nsaliasedcgi" name="nsaliasedcgi">Non Script Aliased
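Review bot: The SSI example in the last new paragraph, `<--#include virtual="..." -->`, is both wrong and unescaped: the directive syntax is `<!--#include virtual="..." -->` (with the `!`), and in an HTML source file it has to be written as `&lt;!--#include virtual="..." --&gt;`, otherwise a browser either shows mangled text (as written) or, once the `!` is added, swallows the whole thing as an HTML comment and the reader never sees the directive the warning is about. Wrapping it in `<code>` as done for `IncludesNOEXEC` two lines above would also be consistent. Same paragraph: "desginated" should be "designated". Please also double-check the suexec link `href="../docs/suexec.html"`: the other links in this hunk go up one level to `../mod/...`, and from `htdocs/manual/misc/` a `../docs/` path would resolve to `manual/docs/`, which does not match where the rest of the manual is referenced from; `../suexec.html` looks like the intended target. Finally, the doubled blank `+` line before the "Another solution" paragraph is unnecessary. The substance is good, in particular the caveat that `IncludesNOEXEC` only removes `exec` and that `#include virtual` of a CGI under a `ScriptAlias` directory still runs it; that is exactly the detail administrators miss.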