Mikhail Gusarov <[EMAIL PROTECTED]> wrote: > Twas brillig at 14:12:12 10.03.2007 UTC+03 when Andrey Melnikoff did gyre and > gimble:
> AM> Надо смотреть пристально на порты от freebsd. Там это > AM> организованно вполне приемлимо (местами, даже лучше чем наши > AM> dpacth+quilt). > Чувак, ты проблему вообще понял? Понял, понял. То, чего тебе так надоело - автоматизируется самописанными скриптами. Я вот только ценнсти не могу понять - нафига тянуть новый пакет из дебиановского репозитрия? Он там заведомо тухлее, чем у автора. А ждать, пока нужная версия доползет до используемого дистрибутива - ой как долго. Или тебя прельшает получать с официального репозитория вот такие вот плюхи: ===8<==============Original message text=============== Version 1.3.34-4 of Apache in the Debian Linux distribution contains a hole that allows a local user to access a root shell if the webserver has been restarted manually. This bug does not exist in the upstream apache distribution, and was patched in specifically by the Debian distribution. The bug report is located at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=357561 . At the time of writing (over a month since the root hole was clarified), there has been no official acknowledgement. It is believed that most of the developers are tied up in more urgent work, getting the TI-86 distribution of Debian building in time for release. Unlike every other daemon, apache does not abdicate its controlling tty on startup, and allows it to be inherited by a cgi script (for example, a local user's CGI executed using suexec). When apache is manually restarted, the inherited ctty is the stdin of the (presumably root) shell that invoked the new instance of apache. Any process is permitted to invoke the TIOCSTI ioctl on the fd corresponding to its ctty, which allows it to inject characters that appear to come from the terminal master. Thus, a user created CGI script can inject and have executed any input into the shell that spawned apache. As a Debian user, this concerns me greatly, as any non-privileged user would be able to install non-free documentation (GFDL) on any system I run. Richard ===8<===========End of original message text=========== Да - плюха еще есть и здравствует. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
