[SLUG] Ignorance alert: permissions

John Allsopp john at johnallsopp.co.uk
Tue Sep 11 13:12:39 BST 2007


> One thing that interests me more here is how a file has been hacked in the
> first place. OK, poor file permissions may not have helped but how has access
> been gained in the first place? Reviewing your file permissions is good but
> it's not stopping the root of the problem.

Here's what the host says (and I like my hosts):

"I have checked the page in question and your evaluations are correct - 
the file was altered due to the 'chmod 777 world read / world write' 
permissions on the file / images folder.

Files can be altered through unsecure PHP scripts if the files / folders 
are chmod 777.

If you are able to change the permissions on your files / folders you 
can prevent this from reoccurring.

The password for the account will not have been compromised - the hacker 
will have used your PHP script to alter the file.

If your script will not function with less than chmod 777 permissions, 
we can make certain files 'immutable' if needed (chattr +i)."


I asked if they can tell which script was used. I've taken this over and 
I'm wondering if I've introduced a hole or whether it was pre-existing.

J
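
An added example, not part of the original post or the host's reply: a small audit for the 'chmod 777' condition the host describes, listing world-writable files and folders under a web root and removing group/other write from them. The function names are hypothetical, and it assumes the PHP scripts run as the account owner, so they keep working without world write.

```shell
#!/bin/sh
# Added example: find and tighten world-writable paths under a web root.
# Function names are illustrative; pass your own web root as argument 1.

# Print regular files and directories whose "other" write bit is set
# (this catches 777 and 666). Symlinks are skipped because their own
# mode bits do not control access to the target.
find_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print
}

# Remove group and other write from every flagged path, leaving the
# remaining bits alone: 777 becomes 755, 666 becomes 644.
# Assumption: scripts run as the file owner, so owner write is enough.
# If a script really needs a looser mode, the host's alternative is to
# make specific files immutable (chattr +i), which needs root.
tighten_perms() {
    find "$1" \( -type f -o -type d \) -perm -0002 -exec chmod go-w {} +
}

# Usage: sh audit.sh /path/to/webroot         (report only)
#        sh audit.sh /path/to/webroot --fix   (report, then tighten)
if [ -n "${1:-}" ]; then
    find_world_writable "$1" | while IFS= read -r path; do
        ls -ld "$path"
    done
    if [ "${2:-}" = "--fix" ]; then
        tighten_perms "$1"
    fi
fi
```

Run it report-only first: anything it lists that a script legitimately writes to (an upload folder, for instance) needs a decision before the mode is changed.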