avatar Upload... photogallery Upload... db Backup.... /cache

It appears that the avatar upload and photogallery upload as well as the folders for dbbackup and cache have to be chmod to 777 in order for their respective scripts to work (extreme styles for the latter /cache directory).
However, this allows the hacker to offload Perl scripts into these folders, some of which are eggdrop IRC bots, and then assume super user privileges to the entire server and thereby hack the site. This doesn't appear to be isolated to just the style selector, as I've been hacked 6 times in the last month, where it only occurs when I chmod the following folders to 777:
1. album_mod/upload
2. images/avatars/
3. (optionally) cache
And if I don't configure these with 777, then the script doesn't work.
Has anyone thought of and/or realized this glaring security vulnerability? And if so, why is IntegraMOD written like this? Someone in the hacker fix thread also noticed the same thing.
Can't we protect these directories with an .htaccess file which will allow the script to write to these folders but prevent hackers' remote access? And if not, can't we edit the code such that "world" doesn't have to have write access to these folders?
I tried to do something like this
<LimitException>
Order Allow,Deny
deny from all
</LimitException>
and I've also tried
<Directory>
Order Allow,Deny
deny from all
allow from mysite.com
</Directory>
And stuck this .htaccess in the respective folders
But not really certain if this is correct.
Any input would be appreciated. Thanks.
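
An added example, not part of the original post and not IntegraMOD code: a shell sketch that writes an .htaccess into an upload folder so Apache will not execute or serve uploaded scripts, and that lists files in the folder that look like dropped scripts. The directory names come from the post; the function names and the extension list are assumptions.

```shell
#!/bin/sh
# Added example, not IntegraMOD code. Directory names come from the post;
# function names and the extension list are assumptions.

# Write an Apache 2.2-style .htaccess: the forum script can still write
# files here, but Apache will not execute or serve uploaded scripts.
write_upload_htaccess() {
    cat > "$1/.htaccess" <<'EOF'
Options -ExecCGI -Indexes
RemoveHandler .pl .cgi .php .phtml .py .sh
<FilesMatch "\.(pl|cgi|php[0-9]?|phtml|py|sh)$">
    Order Allow,Deny
    Deny from all
</FilesMatch>
EOF
    chmod 644 "$1/.htaccess"
}

# True if the directory is world-writable (the 777 case from the post).
is_world_writable() {
    [ -n "$(find "$1" -prune -type d -perm -0002)" ]
}

# List files that look like scripts, by extension or by a "#!" / "<?php"
# first line (the latter catches scripts renamed to look like images).
find_dropped_scripts() {
    find "$1" -type f ! -name .htaccess | while IFS= read -r f; do
        case "$f" in
            *.pl|*.cgi|*.php|*.phtml|*.py|*.sh) echo "$f"; continue ;;
        esac
        first=$(head -c 5 "$f" 2>/dev/null | tr -d '\0')
        case "$first" in
            '#!'*|'<?php') echo "$f" ;;
        esac
    done
}

# Audit only: sh audit.sh album_mod/upload images/avatars cache
for d in "$@"; do
    if is_world_writable "$d"; then echo "world-writable: $d"; fi
    find_dropped_scripts "$d"
done
```

`<Directory>` blocks are only valid in the server or virtual-host configuration, not in .htaccess, which is why the example uses `<FilesMatch>`. Anyone who can write to a 777 directory can also replace an .htaccess inside it, so the same rules hold up better in a `<Directory>` block in the server configuration.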