[Clipart] Site fixup work

Bryce Harrington bryce at bryceharrington.org
Fri Nov 11 20:21:56 PST 2005


On Fri, Nov 11, 2005 at 02:27:10PM -0500, Nathan Eady wrote:
> Bryce Harrington wrote:
> 
> >> 2.  Which of the upload*.cgi files do we actually need?  (Remove the
> >>     ones that are not needed.)  [jonadab]
> 
> The one we need most is upload_svg.cgi, but we also were using
> upload_screenshot.cgi, although it really is not essential.
> 
> >> 4.  (DONE) Review submit.php for security vulnerabilities [kees]
> > 
> >        -- submit.php had some bad security issues.  It appears to not be
> >           used anywhere though, so has been disabled.
> 
> submit.php was the original, non-metadata-aware upload facility;
> as far as I am aware we do not need it any longer, so if it has
> security issues, leaving it disabled is probably the right choice.

Okay, sounds good.  In fact, would you mind deleting it (and any others
we don't need)?  If by some weird chance we happen to need them, we can
always pull them out of the CVS history.

> >> 2.  (DONE) Restore the group and other read permissions for the incoming dir [bryce]
> >> 3.  Remove exec permissions from all files in all the incoming dirs []
> > 
> >        -- Probably not necessary as it won't do much good.  The upload
> >           scripts should be modified to use a umask that doesn't give
> >           exec permissions.
> 
> I have been given to understand from what someone else here said
> that PHP will happily execute files that don't have the execute bit
> set.  Is that true, and if so isn't there any way to fix that, or
> disable PHP for the incoming dirs?

It's true that the permissions are ignored by PHP.  Kees verified that.

I investigated how to disable PHP on a per-directory basis and found
some Apache configury to do it.  Unfortunately I wasn't able to get this
done via an .htaccess file.  I've sent in a bug to the fdo folks to add
this to the Apache config for our incoming dir, but haven't heard if
they've implemented it yet.

> Regarding the things I need to do:  I have a mostly-working system
> built on my workstation now, so once I copy over my data from the
> old drive (including my private key), I should be able to log in
> to the server again, do CVS, and so forth.  Early next week, maybe.
> It sure will be nice to be back in action.

Great to hear!

Bryce
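
Added example, not part of the original message and not the configuration the freedesktop.org admins used: one way to switch off PHP and other script handling for an upload directory from the main Apache configuration. The directory path, the extension list and the PHP module identifier are assumptions to adapt to the actual server.

```apache
# Goes in the main server or virtual-host configuration, not in .htaccess.
# "/path/to/htdocs/incoming" is a placeholder for the real upload directory.
<Directory "/path/to/htdocs/incoming">
    # Ignore any .htaccess file that ends up inside the upload tree, so an
    # uploaded file cannot re-enable anything that is switched off below.
    AllowOverride None

    # No CGI execution and no server-side includes for uploaded files.
    Options -ExecCGI -Includes

    # Undo extension mappings inherited from the global configuration
    # (AddHandler / AddType lines). The extension list is an assumption.
    RemoveHandler .php .phtml .php3 .php4 .php5 .cgi .pl .py
    RemoveType .php .phtml .php3 .php4 .php5

    # Serve everything in this directory as a static file.
    SetHandler default-handler

    # Backstop: turn the PHP interpreter itself off. A <Files> or
    # <FilesMatch> section elsewhere is merged after <Directory> and could
    # still route *.php to PHP; with the engine off the script is not run.
    # php_admin_flag can only be set in the server configuration and cannot
    # be overridden from .htaccess.
    # The module identifier depends on the installed PHP version
    # (for example mod_php4.c, php5_module); php_module is an assumption.
    <IfModule php_module>
        php_admin_flag engine off
    </IfModule>
</Directory>
```

The file mode of an upload plays no part here: as noted above, PHP runs a script whether or not the execute bit is set, so the handler mapping is what has to be removed.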


