[php-maint] Bug#605571: Bug#605571: libapache2-mod-php5: Please enable pcntl functions
seanius at debian.org
Wed Dec 8 20:37:25 UTC 2010
On Wed, Dec 08, 2010 at 08:28:31PM +0100, Raphael Hertzog wrote:
> So there are security concerns apparently... any specific security risk
> or just the fear of letting malicious people use those functions to run
> daemons where it was not intended?
i guess that'd be a bit problematic, but i'm sure an enteprising individual
could find a way to do the same thing via the standard system() calls.
the real problem as i see it is that having a working and direct path
to fork()/exec() opens up the possibility to read(/write?) arbitrary
memory addresses in the apache processes, something that even an evil
developer trying to write malicious code should not be able to do.
 i have PoC code that can read "some interesting private things" from
httpd's memory, but am not sure that anything useful can be done writing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: Digital signature
More information about the pkg-php-maint