
Re: [ProgSoc] Incubus httpd down again?



Robert Howard wrote:
>> Unfortunately, in the same breath I have to report that incubus has
>> been taken down due to another web exploit, the same kind as that
>> which caused succubus to be taken off the air.
> 
> I'm getting phobos sorted out with mail first, then taking both incubus
> and succubus down for a reinstall. When I bring them back up, I'll make
> sure I have suphp working so we don't run into this problem again (as
> far as being vulnerable to dodgy PHP scripts, I mean).
> 
> Until then, web is going to be down, sorry.

Fair enough.  I suspect we'll have to do more than just suPHP though,
since that'll just make exploits easier to find, not really prevent
them.  It seems both exploits we've run into have occurred due to people
running vulnerable scripts which can be exploited by passing malicious
parameters.  It's considered good practice these days to deactivate
register_globals in php, and given we're running a wide variety of
assorted scripts belonging to many users, we may be best turning it off.
Yes, it'll break a lot of very badly written scripts, but if it's
causing all this trouble, the hell with it, it's no good keeping a few
bad scripts running if it's at the cost of the security of the entire
system.
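
To make concrete what "exploited by passing malicious parameters" means
with register_globals on, here is an added example, not code from the
ProgSoc thread or from incubus/succubus. It is a hypothetical admin.php
written the way many scripts of that era were, followed by a version that
behaves the same whether register_globals is on or off. The password,
file name and "admin panel" output are assumptions made up for the
illustration.

```php
<?php
// Added example (not from the list thread): the register_globals bug class.
// Assumes pre-5.4 PHP, where register_globals=On copies every request
// parameter (GET, POST, cookie) into a global variable before the script runs.

// Scripts cannot switch register_globals off themselves: it is a
// PHP_INI_PERDIR setting, so ini_set() has no effect. The most a script can
// do is refuse to run when it is on and leave the fix to php.ini
// (register_globals = Off) or a per-directory .htaccess
// (php_flag register_globals off).
function refuse_if_register_globals_on()
{
    if (ini_get('register_globals')) {
        header('HTTP/1.1 500 Internal Server Error');
        exit("register_globals is enabled; refusing to run.\n");
    }
}

/* ---------- BEFORE: relies on register_globals (vulnerable) ---------- */
// Intended use: POST password=secret  -> $authorized becomes true.
// Actual behaviour with register_globals=On: the request
//     GET admin.php?authorized=1
// pre-sets $authorized before this code runs. Because the script only
// assigns $authorized on success and never initialises it on failure, the
// attacker-supplied value survives and the password check is bypassed.
if (isset($password) && $password === 'secret') {   // $password is itself
    $authorized = true;                             // a request variable
}
if (!empty($authorized)) {
    echo "admin panel (vulnerable version)\n";
}

/* ---------- AFTER: safe with register_globals on or off ---------- */
// 1. Initialise every variable before use, so nothing injected through the
//    request can stand in for a value the script forgot to set.
// 2. Read input only from the explicit superglobals ($_POST here), never
//    from bare variable names that may or may not have come from the user.
$authorized = false;                                       // explicit default
$password   = isset($_POST['password']) ? (string) $_POST['password'] : '';
if ($password === 'secret') {
    $authorized = true;
}
if ($authorized) {
    echo "admin panel (hardened version)\n";
}
```

Note that the hardened version is only as good as its discipline: one
forgotten initialisation anywhere in the script reopens the hole, which is
why turning register_globals off for the whole server, as the reply
proposes, removes the class of bug rather than one instance of it.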

-
You are subscribed to the progsoc mailing list. To unsubscribe, send a
message containing "unsubscribe" to progsoc-request@xxxxxxxxxxxxxxxxxxx
If you are having trouble, ask owner-progsoc@xxxxxxxxxxxxxxxxxx for help.