Re: security issues with apache!

2006-03-12 Thread Steve Kemp
On Mon, Mar 13, 2006 at 09:02:13AM +0200, Enver ALTIN wrote:
> If you have to leave some writable folders for Apache user, say, /tmp,
> moving /tmp to another partition/filesystem and mounting it with
> "noexec" option would prevent most harm /any/ PHP script can cause.

Not true. Several o

Re: security issues with apache!

2006-03-12 Thread Enver ALTIN
Hi, Florian Reitmeir wrote: I had a similar encounter about 2 months ago. The intruder exploited a PHP script that was poorly written. If you check your http access logs, you will most likely find an entry about the PHP that is been exploited. Once you find the offending PHP script, you can ei

Re: security issues with apache!

2006-03-07 Thread Charles
- Original Message - From: "Petter Senften" <[EMAIL PROTECTED]> To: Sent: Tuesday, March 07, 2006 3:23 AM Subject: security issues with apache! [deleted for brevity] Now, like I said - I'm not a pro, I'm trying to learn by doing. Unfortunately how this happens is way over my experi

Re: security issues with apache!

2006-03-07 Thread Florian Reitmeir
> I had a similar encounter about 2 months ago. The intruder exploited a
> PHP script that was poorly written. If you check your http access logs,
> you will most likely find an entry about the PHP that is been exploited.
> Once you find the offending PHP script, you can either remove it or
>

Re: security issues with apache!

2006-03-07 Thread Ismail
Hi, I'm not completely new to Debian or Linux, but I wouldn't classify myself as a battle-scarred sysadmin just yet :) Anyways. My problem is security-related, and I hope that I'm posting to the correct list as well as hoping that someone can help me out here. Recently I've noticed that my Apac

Re: security issues with apache!

2006-03-07 Thread Josep Serrano
Hello Petter, The actual list for security issues is debian-security. The address of this list is on the CC. We can now leave debian-user and switch our discussion into debian-security. This is quite a hole! Can't believe there's such a big spot in Apache / Sarge and we didn't hear of it. Can yo