[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: email@example.com
- Subject: Security Warning.
- From: Nanook <firstname.lastname@example.org>
- Date: Mon, 10 Apr 2006 13:21:16 -0700 (PDT)
- List-help: <mailto:email@example.com?subject=help>
- List-post: <mailto:firstname.lastname@example.org>
- List-subscribe: <mailto:email@example.com?subject=subscribe>
- List-unsubscribe: <mailto:firstname.lastname@example.org?subject=unsubscribe>
- Newsgroups: lobby,announcements
- Resent-date: Mon, 10 Apr 2006 13:21:53 -0700
- Resent-from: email@example.com
- Resent-message-id: <jsUWCD.A.f1E.g5rOEB@ultra7.eskimo.com>
- Resent-sender: firstname.lastname@example.org
We had a customer who recently had his website defaced by a hacker. The customer had an uploader cgi program allowing someone to upload files to his website with no restrictions. The hacker uploaded a php program called php shell which basically allows them to assume shell functions with a browser. Due to the way we have PHP programs execute with the user that owns them's permissions, this caused this program to execute with the web site owners permissions so damage was limited to his site. However, please be very aware of this type of situation and avoid allowing any sort of code that can be executed to be directly uploaded to your site. If you want to allow people to actually upload php code; have it go to a non-viewable directory that can't be accessed until you've had a chance to review it. Remember, your PHP and CGI programs execute with YOUR permissions and any bad behavior can expose your files to theft, damage, or deletion. -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting. Knowledgable human assistance, not telephone trees or script readers. See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874.