[CentOS] Strange Apache log entry
Nataraj
incoming-centos at rjl.com
Sun Aug 29 18:42:20 UTC 2010
Gordon Messmer wrote:
> On 08/29/2010 05:51 AM, Stephen Harris wrote:
>
>> There's nothing special about /proc/$$/environ. All the variables in there
>> are already available to the process. eg
>>
>
> Yes, and the shell could even be made to do as you wanted if you could
> convince a script to "source /proc/$$/environ". You don't see many web
> services written in POSIX sh, though.
>
>
>> Badly written CGI programs are badly written CGI programs no matter
>> what language they're written in. The exact nature of the exploit may
>> be different, but they all fall into a similar class - the programmer
>> ****ed up.
>>
>
> Yes, that's true, but the original message in this thread saw an attempt
> to load /proc/self/environ through a php script. You're getting pretty
> far off topic, now.
>
I think running Apache in a chroot environment might be one of the most
effective protections. I used to do that in the past, but I found it
too much work to maintain. Now there are things like mod_chroot and
perhaps other tools, but I have no experience with them and don't know
if they make it easier.
Nataraj
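
The request discussed in this thread, an attempt to load /proc/self/environ through a PHP script, can be picked out of an Apache access log with a short scan. This is an added example, not part of the original messages; it assumes the Combined Log Format, and the log lines, addresses and parameter names are constructed.

```python
import re
from urllib.parse import unquote

# Assumed log format: Apache Combined Log Format.
REQUEST_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+)[^"]*" (\d{3}) ')
PROC_ENVIRON_RE = re.compile(r"/proc/(?:self|\d+)/environ", re.IGNORECASE)

def normalize(target, max_rounds=3):
    """Undo the encodings that hide the path from a plain grep."""
    for _ in range(max_rounds):          # repeated decoding catches %25-style double encoding
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    target = target.replace("\\", "/").replace("\x00", "")  # backslashes, null bytes
    target = re.sub(r"/(?:\./)+", "/", target)                # "/./" segments
    return re.sub(r"/{2,}", "/", target)                      # repeated slashes

def find_environ_probes(lines):
    """Return (client, status, raw_target) for requests naming /proc/<pid|self>/environ."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue                     # not a parsable access-log line
        client, target, status = m.groups()
        if PROC_ENVIRON_RE.search(normalize(target)):
            hits.append((client, int(status), target))
    return hits

# Constructed sample input (documentation address ranges, made-up scripts).
SAMPLE_LOG = [
    '203.0.113.7 - - [29/Aug/2010:05:12:01 +0000] "GET /index.php?page=../../../../proc/self/environ%00 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [29/Aug/2010:05:13:40 +0000] "GET /view.php?file=%252e%252e%252f%252e%252e%252fproc%252fself%252fenviron HTTP/1.1" 404 209 "-" "-"',
    '192.0.2.10 - - [29/Aug/2010:05:14:02 +0000] "GET /index.php?page=about HTTP/1.1" 200 1833 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [29/Aug/2010:05:15:11 +0000] "GET /docs/environment.html HTTP/1.1" 200 4410 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [29/Aug/2010:05:16:37 +0000] "GET /index.php?page=/proc/./self//environ HTTP/1.1" 200 498 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, status, target in find_environ_probes(SAMPLE_LOG):
        print(f"{client} status={status} {target}")
```

A hit with status 200 does not prove the file was served, but those are the entries to check first against the script that handled the request.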