[nzlug] File permission dummy questions
Peter Butler
peter.butler at 141.com
Fri Aug 11 20:28:28 NZST 2006
> Make sure that content in the directories where the web user can write
> stuff is not executable. Make sure PHP, CGI, etc code can't be run by
> the web server in there.
>
> If you can, mount them as 'noexec', which can help in the (unlikely)
> event that someone gets C binary code into there.
>
Thanks, these are excellent tips. I hadn't thought of having
user-supplied content in a separate partition with noexec - it seems
like a nice simple way to ensure nothing will be executed.

Another question: what's the best way to verify that uploaded content
matches the supplied MIME type or file extension? For images I use the
Python imaging library to load and resize images (which is a requirement
of the application anyway); if this fails then the file is discarded.
What about for other media types (e.g. video)? Can I trust the "file"
command to tell the truth about file types?

>> Is there any way I can get the web server to write files that are
>> owned by root but able to be deleted, updated, etc by the web server?
>>
> No, not easily. The only real way to achieve that is to write a
> 'setuid' application that will provide a higher level of security
> checking than your native code, then use that "helper" to manage the
> files.
>
That makes sense. I suppose writing an suid app brings with it a whole
bunch of security concerns in itself.

Cheers
Peter
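
Added example, not part of the original post: one way to do the check asked about above in Python, comparing a file's leading magic bytes against the supplied extension and MIME type and rejecting anything that does not agree. The signature table, the function names and the sample inputs are assumptions made for illustration.

```python
import os

# Allow-list (assumed for this example): sniffed type -> (extensions, MIME types).
ALLOWED = {
    "jpeg": ({".jpg", ".jpeg"}, {"image/jpeg"}),
    "png": ({".png"}, {"image/png"}),
    "gif": ({".gif"}, {"image/gif"}),
    "mp4": ({".mp4", ".m4v"}, {"video/mp4"}),
    "avi": ({".avi"}, {"video/x-msvideo"}),
    "ogg": ({".ogg", ".ogv"}, {"video/ogg", "audio/ogg", "application/ogg"}),
}

def sniff_type(data):
    """Return a type name from the leading magic bytes, or None if unknown."""
    if data.startswith(b"\xff\xd8\xff"):
        return "jpeg"
    if data.startswith(b"\x89PNG\r\n\x1a\n"):
        return "png"
    if data[:6] in (b"GIF87a", b"GIF89a"):
        return "gif"
    if data[4:8] == b"ftyp":            # ISO base media: box size, then 'ftyp'
        return "mp4"
    if data[:4] == b"RIFF" and data[8:12] == b"AVI ":
        return "avi"
    if data.startswith(b"OggS"):
        return "ogg"
    return None

def check_upload(filename, claimed_mime, data):
    """Return (accepted, reason); content, extension and MIME must all agree."""
    kind = sniff_type(data[:16])
    if kind is None:
        return False, "unrecognised content"
    exts, mimes = ALLOWED[kind]
    ext = os.path.splitext(filename)[1].lower()
    if ext not in exts:
        return False, "extension %r does not match %s content" % (ext, kind)
    if claimed_mime.lower() not in mimes:
        return False, "MIME type %r does not match %s content" % (claimed_mime, kind)
    return True, kind

# Constructed sample inputs (headers only, not real media files).
PNG_HEADER = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8
MP4_HEADER = b"\x00\x00\x00\x18ftypisom" + b"\x00" * 4
PHP_TEXT = b"<?php echo 1; ?>"

if __name__ == "__main__":
    print(check_upload("clip.mp4", "video/mp4", MP4_HEADER))
    print(check_upload("clip.mp4", "video/mp4", PHP_TEXT))
```

A header match only shows what the file starts with, not that the rest of it is well formed, so this check sits alongside the non-executable directory and noexec measures quoted above rather than replacing them.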