lsphp: suPHP-like paranoid mode

[Gerry]

I would like to know if there is something available like suPHP's paranoid mode (see http://www.suphp.org/DocumentationView.html?file=INSTALL) where a script will only be executed if the group and owner match those in the configuration file.

If not, is such a feature considered for future inclusion?

Thanks!

 

[mistwang]

LSWS PHP suEXEC does not change UID/GID based on file ownership, instead it always change UID/GID to the owner of the web site.

 

[Gerry]

Thanks for your answer, however it is not really what I meant.

I didn't mean that LSWS should take over the UID/GID of the file it executes, that would be a bad idea anyway, but perhaps there should be an option to have LSWS refuse to execute a file if its UID/GID does not match the UID/GID specified in the vhost configuration.

We had the case just last week on a shared hosting server. Customer X had a world-writable directory. A "hacker" attacked the website of customer Y, found the world-writable directory in X's website and wrote a file there. That file was thus owned by Y, under X's website.
The "hacker" proceeded by surfing to the file on X's website, thereby executing it with X's user and defacing X's website as well.

Of course, it is X's fault for having a world-writable directory, but this could have been prevented if LSWS had refused to execute Y's file with X's permissions.

 

[NiteWave]

please check if the new feature from 4.1.5 just what you want:
Server -> Security -> Script Restricted Permission Mask: default is 000, set it to 022

and

Server -> Security -> Script Restricted Directory Permission Mask