Date: Mon, 10 Mar 2003 16:34:20 -0800 (PST) From: Doug Barton <DougB@FreeBSD.org> To: Wes Peters <wes@softweyr.com> Cc: dslb@tiscali.dk, dirk@freebsd.org, hackers@freebsd.org Subject: Re: Insecure PHP installation? Message-ID: <20030310163120.A55907@12-234-22-23.pyvrag.nggov.pbz> In-Reply-To: <200303101627.44459.wes@softweyr.com> References: <3E4A9619000044DD@cpfe2.be.tisc.dk> <20030310105901.L11058@znfgre.tberna.bet> <200303101627.44459.wes@softweyr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 10 Mar 2003, Wes Peters wrote:
> -bash-2.05b$ pkg_info | grep php
> mod_php4-4.2.3 PHP4 module for Apache
EANCIENTPHP
I think that the problem is specific to 4.3.x. FYI dirk, I did the 'find /
-perms +0002' myself, and php is installing a whole bunch of stuff with
world write, so this is a bigger issue than just the one script.
Doug
--
This .signature sanitized for your protection
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030310163120.A55907>