LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page how to secure the upload
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-20-2004, 01:07 PM   #1
abd_bela
Member
 
Registered: Dec 2002
Location: algeria
Distribution: redhat 7.3, debian lenny
Posts: 627

Rep: Reputation: 31
how to secure the upload

Hi,
I drive my web server with apache/php, and permit to the users who have a count to upload , the users are declared nologin.
Unfortunatly then can upload a php program for example , and run it, and can see every thing in my disk. because the php application is running by apache.
How to deny the execution of the php program, is there something in apache config ? , the problem is that toexecute a php program you only need read permission, and if you remove the read permission nobody can download the file.
Ok , there is a possibility , change the extension or add another one like for exemple txt. May be better solution exists.
thanks for help
bela
 
Old 03-20-2004, 09:28 PM   #2
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
In your VirtualHost area put

Code:
<Location /nophp>
php_admin_value engine 0
</Location>
 
Old 03-21-2004, 12:01 PM   #3
abd_bela
Member
 
Registered: Dec 2002
Location: algeria
Distribution: redhat 7.3, debian lenny
Posts: 627

Original Poster
Rep: Reputation: 31
thank you,
in fact I have not define a virtual host
any way I 'll try to check it
thanks again
bela
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VSFTPD with secure & non-secure logins Ricci Graham Linux - Software 6 02-24-2020 11:49 PM
Upload questions webwolf70 Linux - Networking 2 06-28-2005 11:34 PM
Secure email (SSL vs. secure authentication) jrdioko Linux - Newbie 2 11-28-2004 01:39 PM
IglooFTP-PRO refuses to upload files in folder when I upload folder eBopBob Linux - Software 0 08-27-2004 05:52 AM
vsftpd very very secure, so secure i can't use it... baronsam Linux - Networking 4 10-06-2003 06:12 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:02 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration