vermi schrieb:
> There is a big security problem in suPHP. When activated, suPHP give to php 
> the .php.jpg files. A Hacker can upload a php renamed to .php.jpg in an image 
> upload form and have all access to the site :/
> The bug is not present when suPHP is loaded into memory and deactivated with :
> suPHP_Engine off
> RemoveHandler .php
> AddHandler application/x-httpd-php .php
> AddType application/x-httpd-php .php
> php_admin_flag engine on

Actually, this is a configuration problem, not a bug in suPHP:

If you use "AddHandler" all filename containing the ".php" extension 
(e.g. ".php", ".php.jpg") will be served using mod_suphp.

If you use the "AddType" directive, only files with the ".php" extension 
at the end of the filename will be served using suPHP.

This behaviour is not specific to suPHP but caused by how Apache handles 
this directives.

Unfortunately the Apache documentation is very unclear on this:

BTW: The patch you proposed would not only break setups where other 
extensions than .php, .php4, .php5 or .phtml are used for PHP scripts, 
but also setups which use suPHP to serve CGI scripts.


suPHP mailing list

Reply via email to