Bug 70775
| Summary: | Uploaded files have execute permission set | | |
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Karl O. Pinc <kop> |
| Component: | apache | Assignee: | Joe Orton <jorton> |
| Status: | CLOSED WONTFIX | QA Contact: | Brian Brock <bbrock> |
| Severity: | low | Docs Contact: | |
| Priority: | low | | |
| Version: | 7.2 | | |
| Target Milestone: | --- | | |
| Target Release: | --- | | |
| Hardware: | i386 | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | Bug Fix |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2004-09-21 10:51:19 UTC | Type: | --- |
Description
Karl O. Pinc
2002-08-05 03:26:01 UTC
Presently permissions on uploaded files are: -rwxr-xr-x

You'd only be able to exploit this if your script saved uploaded files into somewhere that the webserver would execute them. If you _are_ doing this then you should stop, since you can make an exploit without requiring execute permissions: PHP, mod_perl, mod_python, etc don't require their scripts be executable.

It is, however, a little strange that they arrive with execute permissions set, and it should probably be fixed. In the meantime you can always fix this in your script by chmod()ing them (see http://www.php.net/manual/en/function.chmod.php). By the way, using umask() in your script probably won't work since PHP downloads the file before any of your code executes.

Thanks for the report. This is a mass bug update; since this release of Red Hat Linux is no longer supported, please either:

a) try and reproduce the bug with a supported version of Red Hat Enterprise Linux or Fedora Core, and re-open this bug as appropriate after changing the Product field, or,

b) if relevant, try and reproduce this bug using the current version of the upstream package, and report the bug upstream.
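The workaround described in the thread (chmod() the file in the handling script, because umask() runs too late, and keep uploads out of anywhere the web server would execute them), as an added PHP example that is not part of the original bug report. The form field `userfile`, the directory `/var/lib/myapp/uploads` and the function `store_upload` are hypothetical.

```php
<?php
// Added example: hypothetical upload handler, not code from the bug report.
// Assumptions: form field "userfile"; storage directory /var/lib/myapp/uploads,
// which lies outside the document root so the web server never serves from it.

const UPLOAD_DIR = '/var/lib/myapp/uploads';

/**
 * Move an uploaded temp file into $destDir under a server-generated name and
 * set explicit, non-executable permissions. Returns the stored path.
 */
function store_upload(array $file, string $destDir, int $mode = 0640): string
{
    $err = $file['error'] ?? UPLOAD_ERR_NO_FILE;
    if ($err !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed, error code ' . $err);
    }
    // Never reuse the client-supplied name or extension for the stored file.
    $dest = $destDir . '/' . bin2hex(random_bytes(16)) . '.upload';

    // move_uploaded_file() refuses any path that did not arrive as an HTTP upload.
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('not a valid uploaded file');
    }
    // Calling umask() here would be too late: PHP wrote the temp file before
    // this script started, so set the mode explicitly on the final path.
    if (!chmod($dest, $mode)) {
        unlink($dest);
        throw new RuntimeException('could not set permissions');
    }
    // Verify the result instead of trusting it: reject any remaining x bit.
    clearstatcache(true, $dest);
    if ((fileperms($dest) & 0111) !== 0) {
        unlink($dest);
        throw new RuntimeException('execute bit still set');
    }
    return $dest;
}

if (isset($_FILES['userfile'])) {
    $path = store_upload($_FILES['userfile'], UPLOAD_DIR);
    error_log('stored upload at ' . $path);
}
```

As the thread notes, clearing the execute bit alone does not stop PHP, mod_perl or mod_python from running a script, which is why the example also stores the file outside the served tree under a name the client does not control.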