PHP Classes

I never saw anything less secure than this solution.

Recommend this page to a friend!

      Login with Linux passwd or shadow  >  All threads  >  I never saw anything less secure...  >  (Un) Subscribe thread alerts  
Subject:I never saw anything less secure...
Summary:Package rating comment
Messages:7
Author:Artur Graniszewski
Date:2011-12-05 13:42:35
Update:2013-03-14 18:54:28
 

Artur Graniszewski rated this package as follows:

Utility: Bad
Consistency: Good
Examples: Sufficient

  1. I never saw anything less secure...   Reply   Report abuse  
Picture of Artur Graniszewski Artur Graniszewski - 2011-12-05 13:42:35
I never saw anything less secure than this solution. In order to make it work, the HTTP server would have to be launched using a sudo'er user account.

This is a most important part of securing the server: NEVER USE A PRIVILEGED USER TO HANDLE USER REQUESTS! In case of buffer overflows or fatal exceptions entire server would be compromised!.

What else? Your script is prone to the race-condition attack. A potential malicious user with an access to the PHP intepreter (even if launched using an unprivileged account) could access the /tmp/shadow and /tmp/passwd files created by this class.

  2. Re: I never saw anything less secure...   Reply   Report abuse  
Picture of Marcus Brasizza Marcus Brasizza - 2011-12-06 00:24:55 - In reply to message 1 from Artur Graniszewski
I agree..
but this script will be use in a controlled server that anybody can't access..
and it just to explain that it's possible do in a simple way

  3. Re: I never saw anything less secure...   Reply   Report abuse  
Picture of Colin McKinnon Colin McKinnon - 2012-01-08 14:18:18 - In reply to message 2 from Marcus Brasizza
I think if Artur "never saw anything less secure than this solution" then I'd not be rushing to engage his consulting services (I've seen some real howlers in my time). However there is a very good reason for migrating passwords from /etc/passwd to a file readable only by root - and anything which undermines this privilege separation *should* be clearly labelled as such.

  4. Re: I never saw anything less secure...   Reply   Report abuse  
Picture of Jaimin Mody Jaimin Mody - 2013-03-13 09:44:51 - In reply to message 1 from Artur Graniszewski
Can u jst tell me to how to use this class in my php file..
please mail the solution on my mailid 092051.ce@ddu.ac.in

  5. Re: I never saw anything less secure...   Reply   Report abuse  
Picture of Marcus Brasizza Marcus Brasizza - 2013-03-13 11:52:46 - In reply to message 4 from Jaimin Mody
Well..
All solutions have their particularities and the security is relative.
For instance, if you have a software intranet that is inside your company, I don't see a problem to put root in apache of any other user, if of course you know how.
In this case you need a Linux (fedora tested) with apache accessing a root.

I can't imagine anybody using root fo apache in a vps or websites.

  6. Re: I never saw anything less secure...   Reply   Report abuse  
Picture of Artur Graniszewski Artur Graniszewski - 2013-03-14 13:55:50 - In reply to message 5 from Marcus Brasizza
Most of todays attacks (versus Google, Facebook, and even antivirus companies like Bit9) were hacked from the intranet.

How does it work? Just send an e-mail with worm to a non-technical employee of that company and watch what will hapen next. Most worms are designed to attack Active Directory servers (and get admins password by brute force and such), scan the entire LAN for other workstations and servers, perform remote attacks on network services like FTP, HTTP, LDAP, AD or NetBios.

In that case this root solution would fail epically. Especially that most of companies I saw, do not have the DMZ set between LAN workstations and their servers.

None of serious security auditors would approve this solution.

  7. Re: I never saw anything less secure...   Reply   Report abuse  
Picture of Marcus Brasizza Marcus Brasizza - 2013-03-14 18:54:28 - In reply to message 6 from Artur Graniszewski
Artur Graniszewski,
I deeply respect your opinion about security.
But in my solution we are sure no one will have access to the application server because it is not accessible by the internet.

I researched a lot to achieve this solution and I know that is not the best, but that is the only supported access.

The class is purely academic and should be used with extreme caution and only if you know what you're doing.

Thanks and have a great day!