Date: Tue, 18 Mar 2003 07:39:59 -0500 From: Bill Moran <wmoran@potentialtech.com> To: Socketd <db@traceroute.dk> Cc: freebsd-questions@freebsd.org Subject: Re: Insecure PHP installation Message-ID: <3E77139F.10003@potentialtech.com> In-Reply-To: <20030318122217.GA136@main> References: <20030318122217.GA136@main>
next in thread | previous in thread | raw e-mail | index | archive | help
Socketd wrote: > About 2 weeks ago I wrote to hackers@freebsd.org concerning my discovery > of mod_php installing files world writable (amoung these atleast one > script). They told me to write the maintainer dirk@freebsd.org, which I > have done twice now and have not received an answer. > > I have a FreeBSD 4.7-p7 computer with mod_php 4.3.1 installed and > several files are world writable, also a script /usr/local/bin/pear, so > I hope someone can do something about this or tell me that it is > supposed to be like this. Have you tried installing mod_php from source to see if it uses the same permissions? If it does, then you need to contact the PHP people. -- Bill Moran Potential Technologies http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E77139F.10003>