On Fri, 30 Jul 1999, Daniel Stenberg <daniel.stenberg_at_sth.frontec.se> wrote:
>
> On Fri, 2 Jul 1999, Paul Haldane wrote:
> >
> > Some sites (alright at least one site that I know well) are cautious
> > about deploying the new version of hypermail with the ability to make
> > ready decoded attachments available. Concerns relate to the possibility
> > of a file infected with a macro virus being sent as an attachment and
> > then 'run' directly from the web site.
>
> This concern comes up every now and then. I don't understand the
> reason for this worry. Could someone please share their wisdom and
> thell me a fully possible way to attack a PROPERLY setup web server
> this way?
As Paul already noted, there are other concerns (macro viruses, etc.)
However, a properly configured http server could still be subjected to malevolent actions by an attached CGI script if the server was configured to allow .htaccess files to override global parameters *and* if the same person also sent an attached .htaccess file containing the settings (ExecCGI) s/he desired to enabled in the given directory.
I realize that there are ways to prevent this problem to (for instance the installation of a .htaccess file with 0400 permissions in any directory where attachments will be uncompressed). I think the bottom line is a) programming hypermail not to make any *really* stupid moves, and b) documenting a suggested best practice explaining how to avoid potential vulnerabilities. You can't force people to read your recommended configuration guidelines, but at least you can point to them when somebody complains they weren't adequately warned...
-- Craig A. Summerhill, Systems Coordinator and Program Officer Coalition for Networked Information 21 Dupont Circle, N.W., Washington, D.C. 20036 Internet: craig_at_cni.org AT&Tnet (202) 296-5098Received on Fri 30 Jul 1999 06:29:23 PM GMT
This archive was generated by hypermail 2.2.0 : Thu 22 Feb 2007 07:33:51 PM GMT GMT