Permissions of sensitive user files

system · February 1, 2005, 10:41am

One of our members was poking around and noticed that all user files are world readable by default. Normally that isn’t a problem, but we have one or two users with SSH access, who can now go around, read other’s config files, and use the MySQL client to be naughty.

I’m thinking this can be solved without much side effect. Its normally not that big of a deal, but it wouldn’t hurt to take care of it anyway. A page in SiteWorx to chagne the GID on a file to Apache’s group, then remove world writable permissions would do the trick. This way users can select thier configuration files and protect them at will.

Of course, other in-Apache scripts would be able to open the files in other’s directories, but we can fix that elsewhere by using safe mode or other open restrictions.

system · February 1, 2005, 3:16pm

The strange thing is that, for me, not of all my apache config files are world readable.

Some are, and some don’t.


-rw-------    1 root     iworx         957 Dec 15 20:43 domaine1.com.conf
-rw-r--r--    1 root     iworx        1102 Dec  7 14:01 domaine2.com.conf
-rw-------    1 root     iworx         938 Feb  1 18:40 domaine3.com.conf
-rw-r--r--    1 root     iworx        1186 Dec 18 06:55 domaine4.com.conf
-rw-r--r--    1 root     iworx        1172 Dec 18 06:54 domaine5.com.conf
-rw-r--r--    1 root     iworx         990 Dec 14 11:28 domaine6.com.conf
-rw-------    1 root     iworx        1029 Jan 17 17:50 domaine7.com.conf
-rw-r--r--    1 root     root          877 Jan 13 10:48 iworx.conf
-rw-------    1 root     iworx        1016 Dec 22 12:55 domaine8.com.conf
-rw-------    1 root     iworx         977 Dec 21 12:31 domaine9.com.conf

etc....

system · February 1, 2005, 4:14pm

I mean config files for various web apps. I should have been clear.

system · February 2, 2005, 4:07am

oups…

My english is some time very poor :-p

Well, you’re speaking about web app config files in the /html/ dir ?

If yes, why couldn’t user change it himself with fileman or their ftp pgm ? (lol not sure it is english)

Maybe I do not understand your point of view

Pascal

system · February 2, 2005, 1:27pm

The user could change the permissions, but not the owner. If the user wanted to change it so the world couldn’t read their file, they would have to remove world read permissions, in which case the web server also couldn’t read the file, so thats a bust

But, if the the file owner is change to the web server, group permissions left as writable, and world permissions removed, the user could still edit and delete the file, and Apache could still read it.

That still wouldn’t prevent other users from opening other user’s files through PHP, but that can be snuffed out with safe mode and open basedir.

system · February 2, 2005, 1:29pm

You right

I should think before posting :-p