file ownership

[felosi]

Lately I been testing variuos php shells trying to get the php.ini right and I uploaded a shell and noticed that it was automatcially in uid=100(apache) gid=500(apache) groups=500(apache)

I about died, and you could write to any directory and rise above what ever folder you are in.
I havent messed with any owner ship I just upgraded to apache2, how can I fix this? This is a dangerous setting.
And is it supposed to be this way?

 

[DamnSkippy]

Not sure what you mean by uploaded a shell. If you use apache to add a file or create a directory it is usually owned by apache because it created it. I am no programmer though and things like the file manager in DA do not do this but I do not think it have any php in it.

As for the perms on things you create with apache they should get the default and you can change them using the same php script if you want.

 

[felosi]

yeah i found that out looking around.
What I mean is a php shell, a defacing tool. The way the permissions are set in the apache it will let it rise above folders and write to directories and grab /etc/passwd
I added the rookits.conf from gotroot and it seems to be blocking all of the commands so hopefully that wll straighten it out

 

[fuigus]

you may wana try mod_secuity or phpsuexec

 

[felosi]

mod security with the rootikits.conf has fixed this problem. Well not the ownership but it stops the exec of shells.