[Debian-sf-commits] Commit info
From: Roland Mas <address@hidden>
Subject: [Debian-sf-commits] Commit info
Date: Sun, 21 Oct 2001 11:42:58 -0400
sourceforge/deb-specific fileforge.pl,1.1
Sun Oct 21 15:42:57 UTC 2001

Update of /cvsroot/debian-sf/sourceforge/deb-specific
In directory subversions:/tmp/cvs-serv1547

Added Files:
fileforge.pl

Log Message:
Adding this script to the repository.

Concept is simple: using system permissions on directories is not
enough, since it gives write access on plenty of directories to the
www-data user.

Using a root setuid script works, but then we have to make sure only
authorised invocations can happen. Again, the permissions system is
not enough. Only pages in the Sourceforge website should be allowed
to run it.

The trick: we check on the existence and validity of information only
available to the appropriate PHP scripts. Namely, the database
password. It's stored in a root:root 600 file, it's only exported to
a select subset of the web pages via a SetEnv directive, so it should
be secure.

Of course, I could be wrong. In that case, please correct me.

This is a Perl script using all kinds of taintedness checks as per
'perldoc perlsec'.
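
An added example of the check the log message describes, written for this page and not the committed fileforge.pl (whose contents are not shown here): a setuid Perl script compares a secret taken from its environment with the one in the root:root 600 file before doing anything privileged. The file path and the environment variable name are assumptions.

```perl
#!/usr/bin/perl -T
# Added example, not the committed fileforge.pl. The file path and the
# environment variable name are assumptions made for illustration.
use strict;
use warnings;

my $SECRET_FILE = '/etc/sourceforge/db-password';   # hypothetical path
my $ENV_NAME    = 'SF_DB_PASSWORD';                 # hypothetical SetEnv name

# perlsec: a setuid script must not trust the caller's environment.
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
$ENV{PATH} = '/bin:/usr/bin';

# Compare without returning at the first differing byte.
sub secrets_match {
    my ($got, $want) = @_;
    return 0 unless defined $got && defined $want && length $want;
    my $diff = length($got) ^ length($want);
    for my $i (0 .. length($want) - 1) {
        my $g = $i < length($got) ? substr($got, $i, 1) : "\0";
        $diff |= ord($g) ^ ord(substr($want, $i, 1));
    }
    return $diff == 0 ? 1 : 0;
}

# Read the reference secret, refusing a file that is not root-owned mode 0600.
sub read_secret {
    my ($path) = @_;
    open(my $fh, '<', $path) or return undef;
    my @st = stat($fh);
    if ($st[4] != 0 || ($st[2] & 07777) != 0600) { close $fh; return undef; }
    my $line = <$fh>;
    close $fh;
    return undef unless defined $line;
    chomp $line;
    return $line;
}

sub caller_is_authorised {
    my $supplied = delete $ENV{$ENV_NAME};   # do not pass it on to children
    return secrets_match($supplied, read_secret($SECRET_FILE));
}

unless (caller_is_authorised()) {
    print STDERR "fileforge: unauthorised invocation\n";
    exit 1;
}
# Privileged file operations would follow here, on untainted arguments only.
```

The check fails closed: a missing variable, an unreadable file, or a file whose owner or mode has drifted from root:root 600 all end in a refusal.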