FUDforum

Home » FUDforum Development » Bug Reports » uninstall.php
uninstall.php [message #24625] Sat, 07 May 2005 10:50
danger (Junior Member, Slovakia)
Firstly: I don't know if I can call this a "bug", but it is a really big security hole :/

I have noticed that in the forum directory there is an uninstall.php script, so I decided to touch it from the web. I got an HTML form, where I just entered /home/user, and it deleted everything under this directory that was deletable by the group Apache is running under (note that if it were running as root, an attacker could remove the whole filesystem)!!! (Luckily I had everything backed up.)

I think this script could be chmoded to 000 after the forum install, and when a user decides to uninstall his forum he will need to chmod it to 644. Alternatively, there should be some kind of authentication method, since the after-effects would be really bad if some attacker were able to run this script :/


Re: uninstall.php [message #24633 is a reply to message #24625] Sat, 07 May 2005 15:12
Ilia (Administrator, Core Developer, Canada)
I've added notes about this script in the readme files distributed with the forum. But you must understand that this file is not intended for web directories, nor can it have authentication, because the forum install may have failed and we can't query the login database.

For safety purposes, from now on the script's permissions will be 0600, preventing it from being executed via the web by default.


FUDforum Core Developer
Re: uninstall.php [message #24639 is a reply to message #24633] Sat, 07 May 2005 16:25
danger (Junior Member, Slovakia)
Ilia wrote on Sat, 07 May 2005 17:12

I've added notes about this script in the readme files distributed with the forum. But you must understand that this file is not intended for web directories, nor can it have authentication, because the forum install may have failed and we can't query the login database.

For safety purposes, from now on the script's permissions will be 0600, preventing it from being executed via the web by default.


OK, that's better.
There should be some kind of check in the script that we are really deleting only FUDforum directories, no more, no less...
Re: uninstall.php [message #24641 is a reply to message #24639] Sat, 07 May 2005 17:22
Ilia (Administrator, Core Developer, Canada)
The uninstaller can't possibly know that, because the installation process may have failed and only partial data exists.

FUDforum Core Developer
Re: uninstall.php [message #24644 is a reply to message #24641] Sat, 07 May 2005 17:42
danger (Junior Member, Slovakia)
The www root paths are set in GLOBALS.php, so it should be possible to check it there, shouldn't it?
Re: uninstall.php [message #24645 is a reply to message #24644] Sat, 07 May 2005 18:25
Ilia (Administrator, Core Developer, Canada)
The GLOBALS.php may not exist.

FUDforum Core Developer
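As an added example (not FUDforum's own uninstall.php, which this thread does not reproduce), the PHP below puts the three points argued above into code: Ilia's point that the script must not be reachable via the web, danger's proposal to check that only the forum's own directory is deleted, and Ilia's objection that GLOBALS.php may be absent after a failed install. Instead of reading GLOBALS.php it assumes a marker file that the installer writes into the install root before doing anything else, so the marker survives a partial install; the marker name, the --yes flag and all function names are assumptions made for this example.

```php
<?php
// Added example, not FUDforum's uninstall.php. Command-line-only uninstaller
// that refuses arbitrary paths. Marker file name, --yes flag and function
// names are assumptions for illustration.
//
// The pattern the report describes looks, in outline, like this and must go:
//     $dir = $_POST['dir'];   // attacker-controlled, no authentication
//     remove_tree($dir);      // deletes whatever the server uid may delete
declare(strict_types=1);

// Assumed: the installer creates this file in the install root first, so it
// exists even when the installation later failed part-way.
const INSTALL_MARKER = '.fudforum_install_root';

/** Guard 1: never run under a web SAPI, whatever the file permissions are. */
function refuse_web_invocation(): void
{
    if (PHP_SAPI !== 'cli') {
        echo "uninstall: run this script from the command line, not via the web\n";
        exit(1);
    }
}

/**
 * Guard 2: canonicalise the requested directory and accept it only if it is
 * a real directory that carries the installer's marker. Returns the
 * canonical path or throws.
 */
function confirmed_install_root(string $requested): string
{
    if ($requested === '') {
        throw new RuntimeException('usage: php uninstall.php <install-root> [--yes]');
    }
    $target = realpath($requested);
    if ($target === false || !is_dir($target)) {
        throw new RuntimeException("not a directory: $requested");
    }
    if ($target === DIRECTORY_SEPARATOR) {
        throw new RuntimeException('refusing to operate on the filesystem root');
    }
    if (!is_file($target . DIRECTORY_SEPARATOR . INSTALL_MARKER)) {
        throw new RuntimeException("refusing: $target does not contain "
            . INSTALL_MARKER . ' and so is not a forum install root');
    }
    return $target;
}

/**
 * Guard 3: delete only the tree below $root. Symlinks are unlinked, never
 * followed, so a link pointing outside the tree cannot widen the deletion.
 * Returns the number of entries removed (or listed, in dry-run mode).
 */
function remove_tree(string $root, bool $dryRun): int
{
    $iter = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS),
        RecursiveIteratorIterator::CHILD_FIRST
    );
    $count = 0;
    foreach ($iter as $entry) {
        $path = $entry->getPathname();
        if ($dryRun) {
            echo "would remove $path\n";
        } elseif ($entry->isDir() && !$entry->isLink()) {
            rmdir($path);
        } else {
            unlink($path);
        }
        $count++;
    }
    if (!$dryRun) {
        rmdir($root);
    }
    return $count + 1;
}

// Usage: php uninstall.php /path/to/forum        (dry run, lists what would go)
//        php uninstall.php /path/to/forum --yes  (actually deletes)
refuse_web_invocation();
$requested = $argv[1] ?? '';
$confirmed = in_array('--yes', $argv, true);
try {
    $root = confirmed_install_root($requested);
    $n = remove_tree($root, !$confirmed);
    echo ($confirmed ? 'removed' : 'would remove') . " $n entries under $root\n";
} catch (RuntimeException $e) {
    fwrite(STDERR, 'uninstall: ' . $e->getMessage() . "\n");
    exit(1);
}
```

A dry run is the default so that the destructive step needs an explicit flag. The SAPI check is worth keeping independently of the 0600 permission change: mode 0600 only keeps the web server out when PHP executes under a uid other than the file's owner, and on hosts that run PHP as the account owner (suPHP or per-user FPM pools) the owner-readable file is still executable via the web.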