'[Gallery-devel] Possible Securing Module'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gallery-devel
Subject:    [Gallery-devel] Possible Securing Module
From:       John McCreight <dalrain () dalrain ! net>
Date:       2002-01-26 19:28:15
[Download RAW message or body]

Hello everyone,
	This is my first time posting to the development mailing list, so I'll begin 
by thanking all the developers for some completely "whup butt" software.  
I've installed Gallery 5 different times so far, and every time it's proven 
it's worth as the greatest gallery I have seen so far, in terms of ease of 
use, and flexibilty.

And now to the idea (or possibly task) at hand.  While using gallery, and 
actually PHP in general, there is the encumerance of one having to actually 
run a specific httpd process as a user to properly get permissions to read 
and write to files within a directory upon a webserver as a proper user.  
While setting permissions on the albums directory to 777 can fix this by 
allowing the normal webserver user to access a directory, this is gigantic 
hole in places where virtual hosts are used that are accessable to other 
users.  The other solution, changing the owner of the directory to the web 
user, isn't always feasible in itself, as on most systems (as it should be) 
users are not permitted to "give away" their files.

	To this, if it's feasible, someone shoot me if it isn't, I might propose a 
small wrapping security module in perl, which most web servers today are 
configured to run as a user.  The script could contain very restricting code, 
only accepting connections from the server itself, and then writing files 
that Gallery passes to it to disk.  (The php code could still call netpbm to 
do all the work as usual, just pass it's completed files for writing to the 
perl) Most webservers today would cause permissioning on the files to be 644, 
allowing for the PHP to still read and display said files.  I feel that there 
must be something done to combat the problem of the PHP web user to secure 
things up a bit, and this would be my proposal.  I couldn't see why this 
couldn't be done as an optional module to be installed, and it would probably 
not need to be very large either.  In addition, the user would then own the 
files inside the album, making the album dir deletable easily by mere 
mortals, should that need to occur.

	If I'm a dead wrong idiot, feel free to explain why, and I'll go away again, 
but the security implications of the albums dir has been bothering me for 
some time now.  Thank you for all your expertise, and if anyone might be 
interested in attempting to modularize such a thing, let me know.   Either 
way, I'm interested in hearing about the technology, and look forward to 
keeping up with the list.

All the best,
~John McCreight

__[ g a l l e r y - d e v e l ]_________________________

[ list info/archive --> http://gallery.sf.net/lists.php ]
[ gallery info/FAQ/download --> http://gallery.sf.net ]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic