Security read of files and mysql !!! URGENT¡¡¡¡

ivenio (Verified User; joined Jan 12, 2006; 14 messages)
Hi There!
Good evening to everyone. I would like to raise something with you, something about system security. I was checking the current shells built in PHP code that the defacers use to break systems. I have seen that one of them works through MySQL and it can read files like /etc/proftpd.conf and /etc/passwd, so I would like to know if anyone can give me a hand with this....
 
If Linux/Unix requires a file be world readable then it's got to be world readable.

Perhaps you can figure out how to use SELinux to get more granular control over file readability, but I don't have the time or energy to do the research.

Perhaps you might want to start development on a fix :) .

Jeff
 
gcypher,

That won't work because shells written in PHP and uploaded to a website are seen as originating from the local server, just as are any other calls to MySQL coming from the same server.

Jeff
 
If the shell is written using PHP, then you'll need to secure your PHP system, namely enabling open_basedir, and restricting the exec() functions, and possibly enabling safe mode too.
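
One way to check a php.ini against the settings named in the post above. This is an added example, not part of the original thread. The sample file is constructed, and the list of command-execution functions is an assumed reading of "the exec() functions".

```python
# Assumed reading of "the exec() functions": PHP's command-execution built-ins.
EXEC_FUNCTIONS = ("exec", "shell_exec", "system", "passthru", "popen", "proc_open")

# Constructed sample php.ini, not taken from any real server.
SAMPLE_INI = """\
[PHP]
; open_basedir = /home/example/public_html
open_basedir =
disable_functions = exec, system
safe_mode = Off
"""

def parse_ini(text):
    """Return {directive: value}; a later assignment overrides an earlier one."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith((";", "[")):
            continue  # blank line, comment, or section header
        key, sep, value = line.partition("=")
        if not sep:
            continue
        value = value.strip()
        if value.startswith('"'):
            value = value[1:].split('"', 1)[0]      # quoted: keep ';' inside
        else:
            value = value.split(";", 1)[0].strip()  # unquoted: drop inline comment
        settings[key.strip()] = value               # directive names are case sensitive
    return settings

def audit(text, legacy_safe_mode=False):
    """List the hardening gaps found in a php.ini given as a string."""
    s = parse_ini(text)
    findings = []
    if not s.get("open_basedir"):
        findings.append("open_basedir is not set: scripts can open any file "
                        "the web server user can read")
    disabled = {f.strip().lower() for f in s.get("disable_functions", "").split(",")}
    missing = [f for f in EXEC_FUNCTIONS if f not in disabled]
    if missing:
        findings.append("disable_functions does not cover: " + ", ".join(missing))
    # safe_mode exists only in PHP releases before 5.4, so the check is opt-in.
    if legacy_safe_mode and s.get("safe_mode", "").lower() not in ("on", "1", "true", "yes"):
        findings.append("safe_mode is off")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_INI, legacy_safe_mode=True):
        print("-", finding)
```

open_basedir constrains PHP's own file functions only; a file read performed by the MySQL server happens outside PHP and is governed by the database account's privileges.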
 