Maybe I'm just being naive, but couldn't you just check the file extension/MIME type to make sure uploads are images, and not allow execution rights on uploads?

Dennis


On 10/2/07, Mark Rogers <mark@quarella.co.uk> wrote:
Is it possible to prevent Apache from running a script from a writeable
directory?

It's common these days to have some writeable directories with (for
example) CMS packages like Joomla, which use them for uploaded images
etc. However I have a server that's been exploited through a badly
written plugin which used the normal upload mechanism to upload the
script, then ran the script directly via an HTTP request to the uploaded
file. That script was used to send spam, so despite the limited write
permissions it was restricted to it was still able to do a lot of harm.

Any of my own code which requires this always puts the writeable
directories outside docroot but that doesn't seem to be an option with
Joomla and others like her. I appreciate that they could still be
"included" through abuse of a badly written script in a read-only
directory, but that's at least an order of magnitude harder.

I know that the ability to upload new templates/plugins/etc would break
if I achieve what I'm asking, but it's no big deal having a script which
adds temporary write permissions whilst installing a module and removes
them afterwards. Allowing end users to upload avatars and other images
seems to be the way of the world these days though.

--
Mark Rogers // More Solutions Ltd (Peterborough Office) // 0845 45 89 555
Registered in England (0456 0902) at 13 Clarke Rd, Milton Keynes, MK1 1LG
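
An added example, not part of either message: a Python audit that lists the directories under a docroot that the web-server account could write to, together with any script-type files already sitting in them, which is the condition the quoted message describes. The extension list, the function names and the sample tree are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Extensions a typical Apache + PHP/CGI setup may hand to an interpreter
# (assumed list; match it to the handlers configured on the server).
SCRIPT_EXTS = {".php", ".phtml", ".php3", ".php4", ".php5", ".pl", ".py", ".cgi", ".sh"}

def dir_writable_by(path, uid, gids):
    """True if uid/gids could create files in path, judged from mode bits only."""
    st = os.stat(path)
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)

def has_script_ext(name):
    # Check every dot-separated part, not just the last one: Apache's mod_mime
    # can map a name such as "y.php.jpg" to the PHP handler.
    parts = name.lower().split(".")[1:]
    return any("." + p in SCRIPT_EXTS for p in parts)

def audit(docroot, uid, gids):
    """Return (writable dirs, script files inside writable dirs), both sorted."""
    writable, scripts = [], []
    for dirpath, _dirnames, filenames in os.walk(docroot):
        if not dir_writable_by(dirpath, uid, gids):
            continue
        writable.append(dirpath)
        scripts += [os.path.join(dirpath, f) for f in filenames if has_script_ext(f)]
    return sorted(writable), sorted(scripts)

def build_sample_tree():
    """Constructed sample: a read-only code dir and a world-writable upload dir."""
    root = tempfile.mkdtemp()
    layout = [("includes", 0o755, ["index.php"]),
              ("images", 0o777, ["avatar.png", "x.php", "y.php.jpg"])]
    for name, mode, files in layout:
        d = os.path.join(root, name)
        os.mkdir(d)
        for f in files:
            open(os.path.join(d, f), "w").close()
        os.chmod(d, mode)
    return root

if __name__ == "__main__":
    sample = build_sample_tree()
    # uid + 1 stands in for the web-server account (not the owner of the tree).
    print(audit(sample, os.getuid() + 1, set()))
```

On a real server, pass the uid and group ids of the account Apache runs as; any file in the second list is a candidate for the kind of uploaded script described above.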

