One of our members was poking around and noticed that all user files are world readable by default. Normally that isn't a problem, but we have one or two users with SSH access, who can now go around, read other's config files, and use the MySQL client to be naughty.

I'm thinking this can be solved without much side effect. Its normally not that big of a deal, but it wouldn't hurt to take care of it anyway. A page in SiteWorx to chagne the GID on a file to Apache's group, then remove world writable permissions would do the trick. This way users can select thier configuration files and protect them at will.

Of course, other in-Apache scripts would be able to open the files in other's directories, but we can fix that elsewhere by using safe mode or other open restrictions.

The strange thing is that, for me, not of all my apache config files are world readable.

Some are, and some don't.


-rw------- 1 root iworx 957 Dec 15 20:43 domaine1.com.conf
-rw-r--r-- 1 root iworx 1102 Dec 7 14:01 domaine2.com.conf
-rw------- 1 root iworx 938 Feb 1 18:40 domaine3.com.conf
-rw-r--r-- 1 root iworx 1186 Dec 18 06:55 domaine4.com.conf
-rw-r--r-- 1 root iworx 1172 Dec 18 06:54 domaine5.com.conf
-rw-r--r-- 1 root iworx 990 Dec 14 11:28 domaine6.com.conf
-rw------- 1 root iworx 1029 Jan 17 17:50 domaine7.com.conf
-rw-r--r-- 1 root root 877 Jan 13 10:48 iworx.conf
-rw------- 1 root iworx 1016 Dec 22 12:55 domaine8.com.conf
-rw------- 1 root iworx 977 Dec 21 12:31 domaine9.com.conf

etc....

I mean config files for various web apps. I should have been clear.

I mean config files for various web apps. I should have been clear.

oups....

My english is some time very poor :-p

Well, you're speaking about web app config files in the /html/ dir ?

If yes, why couldn't user change it himself with fileman or their ftp pgm ? (lol not sure it is english)

Maybe I do not understand your point of view

Pascal

The user could change the permissions, but not the owner. If the user wanted to change it so the world couldn't read their file, they would have to remove world read permissions, in which case the web server also couldn't read the file, so thats a bust :)

But, if the the file owner is change to the web server, group permissions left as writable, and world permissions removed, the user could still edit and delete the file, and Apache could still read it.

That still wouldn't prevent other users from opening other user's files through PHP, but that can be snuffed out with safe mode and open basedir.

:)

You right

I should think before posting :-p