Fw: possible security hole

Derek Vokey turfdog@planetturf.ca
Wed, 6 Dec 2000 09:00:06 -0800


----- Original Message -----
From: "Derek Vokey" <turfdog@planetturf.ca>
To: "Florian Weimer" <fw@deneb.enyo.de>
Sent: Wednesday, December 06, 2000 8:58 AM
Subject: Re: possible security hole



>
> > > There is no telnet access or any other command line access to anyone
> > > other than root on this server. Is there a way to examine the
> > > environment of the shell process strictly through cgi?
> > What does "strictly through cgi" mean? If you allow uploading
> > arbitrary CGI programs by users, that's almost equivalent to shell
> > access and certainly sufficient for reading the environment of other
> > processes, at least on Linux (where you can read /proc) and some other
> > systems (where you can invoke 'ps e').
>
> Yes, they can upload arbitrary cgi and invoke ps -e via exec (and I
> apologize for my ignorance here) but please explain how to read the
> environment of a process that has already occurred or is sleeping. If I
> try "more /proc/'mypid'/environ" I get permission denied.
>
> Hasn't the process already passed by the time someone tries to access it,
> or does it remain in memory? Is the time delay not a measure of
> protection? If not, would it not be possible to unset($sensitiveinfo) so
> that the script terminates with an invalid value for it? (I guess I don't
> really understand.) I have been able to see the command line of the script
> that I am currently executing with ps but not of past ones.
>
> Please understand that I am not being argumentative - I really need to
> know. Could you please share some commands on how to do this?
>
> > Eh, your quoting style is strange.
>
> My first mailing list - I'm working on it.
>
> Thanks
> Derek
>
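
The following is an added example, not part of the original message or of GnuPG: on Linux it starts a child process with a constructed variable in its environment and shows what `/proc/<pid>/environ` exposes to a process running under the same UID while the child is alive, and what is left once the child has exited. The names `DEMO_SECRET`, `read_environ` and `demo` are made up for this illustration.

```python
import os
import subprocess
import sys


def read_environ(pid):
    """Return (mode, owner_uid, variables) for /proc/<pid>/environ,
    or the exception class name if the file cannot be read."""
    path = f"/proc/{pid}/environ"
    try:
        st = os.stat(path)
        with open(path, "rb") as fh:
            raw = fh.read()
    except OSError as exc:
        return type(exc).__name__
    # Entries are NUL-separated KEY=VALUE byte strings.
    pairs = (item.split(b"=", 1) for item in raw.split(b"\0") if b"=" in item)
    variables = {k.decode(errors="replace"): v.decode(errors="replace")
                 for k, v in pairs}
    return st.st_mode & 0o777, st.st_uid, variables


def demo():
    """Spawn a sleeping child that carries a constructed secret in its
    environment, read it back while the child runs, then again after exit."""
    env = dict(os.environ, DEMO_SECRET="constructed-sample-value")
    child = subprocess.Popen(
        [sys.executable, "-c", "import time; time.sleep(30)"], env=env)
    try:
        while_running = read_environ(child.pid)
    finally:
        child.kill()
        child.wait()  # reap the child so its /proc entry disappears
    after_exit = read_environ(child.pid)
    return while_running, after_exit


if __name__ == "__main__":
    running, exited = demo()
    mode, uid, variables = running
    print(f"while running: mode={mode:o} owner={uid} "
          f"DEMO_SECRET={variables.get('DEMO_SECRET')!r}")
    print(f"after exit:    {exited}")
```

Called on a PID owned by a different user from a non-root account, `read_environ` returns `PermissionError`; the exposure is to processes sharing the UID, which is the case when every CGI script runs as the web server's user.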