On Tuesday, July 16, 2002, at 01:05 , Eric D. wrote: > on 16/7/02 11:20, Eagle at [EMAIL PROTECTED] wrote: >> As you rightly point out, an overflow exploit for one system won't >> necessarily work on another, but an overflowable buffer in a version of >> Apache will still be overflowable on ANY system running that version of >> Apache. It would just likely require a different exploit to gain >> unauthorized access. > > But, wouldn't the exploit still be limited by the permissions Apache > has to > run on a system -- if it is not running as root (or does it?) [in OS > X], it > shouldn't have access to root functions & thus should be limited to > wreaking > havoc with the user space in which it is running. > > Is this remotely correct?
Yes, that is true. If the server (Apache, MySQL, whatever) is running as "root" then the possibility exists that the remote user could gain root access. If, however, the server is instead running as another user (Red Hat Linux 7.3 runs Apache as user "apache," Mac OS X runs Apache as user "www," and MySQL is easily configured to run as user "mysql") then you can't get root access, but you could get shell access for user "apache" or "mysql" -- a good reason to set the shell for those users to /bin/false. As I said, paranoia isn't necessary, but a healthy pile of computer security knowledge is a good thing. It's not as simple as "don't worry about it" -- because it is a concern -- but _I_ probably take more precautions than are necessary. (Of course, after having taken _too_few_ precautions in the past, and after I paid the price for that, can you blame me?) Eagle -- G-List is sponsored by <http://lowendmac.com/> and... Small Dog Electronics http://www.smalldog.com | Refurbished Drives | -- We have Apple Refurbished Monitors in stock! | & CDRWs on Sale! | Support Low End Mac <http://lowendmac.com/lists/support.html> G-List list info: <http://lowendmac.com/lists/g-list.shtml> Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive: <http://www.mail-archive.com/g-list%40mail.maclaunch.com/> Using a Macintosh? Get free email and more at Applelinks! <http://www.applelinks.com>
