A bunch of good points. It's much more difficult for a 'hacker' to get a file onto the server in order to actually do damage. They'll need either FTP access or a magical script that allows them to upload whatever they wish... and then give them public access to execute it. This would be uncommon and unlikely. Very true.
But, traditionally when a file is uploaded through an exploit, it's stored on the server as 'nobody'; this is when you're not under PHPsuExec. This means that it doesn't have the same owner or group as files made or uploaded through FTP (which traditionally is almost all files). It can read these files and folders, but it cannot delete or alter them unless they were 0777.
Under PHPsuExec, when a file is uploaded, it will have the owner/group of your username, the same as your files and folders. This does give them the ability to alter files and delete them, on top of reading them.
On top of that, according to PHP.NET, most systems running under Apache with the user nobody will not allow use of the chmod function. You could of course use FTP functions to do it, but that assumes knowledge of that information. If you're under safe mode, it will check this information and deny the user 'nobody' from making changes (Surpass does not use safe mode, so this is irrelevant for Surpass clients). I did not say that anyone can chmod a file in Apache, I said anyone can chmod a file under the current user under PHPsuExec.
A simple example of how PHPsuExec has more access to the file system is an image gallery.
Under Apache you would be required to either have the permissions for the destination script to 0777 or use php-FTP functions before and after to alter the permissions from 0755 to 0777.
Under PHPsuExec you aren't required to do any chmodding to the destination folder because the process is being run as the same owner/group as the owner of the folder.
I like PHPsuExec for a number of reasons. One of which is that it does make writing certain types of scripts much easier because you're not worrying about the file system. But, I understand that how it benefits me with the filesystem, it also benefits a malicious script put onto my server. Which again, isn't all that likely to get.
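
Added example (not part of the original post): a small Python model of the POSIX permission check behind the comparison above, applied to a file the hosting account uploaded over FTP. The uid/gid numbers and the names `allowed`, `capabilities` and `report` are assumptions for illustration; root, ACLs and the sticky bit are not modelled.

```python
# Constructed identities; the numeric ids are assumptions, not from the post.
NOBODY = {"uid": 99, "gids": {99}}        # PHP inside Apache, running as 'nobody'
ACCOUNT = {"uid": 1001, "gids": {1001}}   # PHPsuExec: PHP runs as the account owner


def allowed(proc, owner_uid, owner_gid, mode, want):
    """POSIX check: select exactly one triad (owner, group or other) and
    test the requested bits ('r', 'w', 'x') against it."""
    if proc["uid"] == owner_uid:
        shift = 6
    elif owner_gid in proc["gids"]:
        shift = 3
    else:
        shift = 0
    bits = (mode >> shift) & 0o7
    need = sum({"r": 4, "w": 2, "x": 1}[c] for c in want)
    return bits & need == need


def capabilities(proc, file_mode, dir_mode, owner=ACCOUNT):
    """What a PHP process can do to a file owned by the account.
    Altering content needs write on the file; deleting (or creating) needs
    write+search on the containing directory; chmod needs file ownership."""
    uid, gid = owner["uid"], next(iter(owner["gids"]))
    return {
        "read": allowed(proc, uid, gid, file_mode, "r"),
        "alter": allowed(proc, uid, gid, file_mode, "w"),
        "delete": allowed(proc, uid, gid, dir_mode, "wx"),
        "chmod": proc["uid"] == uid,
    }


def report():
    """Compare both execution models for default and wide-open modes."""
    rows = []
    for label, proc in (("nobody", NOBODY), ("PHPsuExec", ACCOUNT)):
        for file_mode, dir_mode in ((0o644, 0o755), (0o777, 0o777)):
            rows.append((label, oct(file_mode), oct(dir_mode),
                         capabilities(proc, file_mode, dir_mode)))
    return rows


if __name__ == "__main__":
    for label, fm, dm, caps in report():
        print(f"{label:10} file={fm} dir={dm} {caps}")
```

The `delete` column is also the permission needed to create a file in the folder, which is the image gallery case: it is false for 'nobody' on a 0755 folder and true under PHPsuExec without any chmod.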