[Tfug] website file ownership problem
Paul Scott
waterhorse at ultrasw.com
Tue Apr 3 08:39:39 MST 2007
Brian Murphy wrote:
> Quoting Paul Scott <waterhorse at ultrasw.com>:
>
>> A website I maintain - http://www.susanartemis.com/ - has recently
>> become inaccessible because its main control file has had its
>> owner/group changed to "root/wheel" and there is no read permission.
>> They are suggesting that I upload a new "script" without security flaws
>> but how can I upload/replace a file that their admin now owns?
>>
>> The hosting company - 1hourhosting.com claims that the site has been
>> hacked because of a security flaw in my code. It is certainly possible
>> that my simple PHP code might have security flaws but could that
>> have allowed a file's ownership to be changed to root?
>>
>>
>
>
> If you have ownership on the directory you should be able to delete a
> root owned file.
>
> A non-root user should never be able to chown a file to root. Most
> unixes don't allow nonroot any chown privileges. Your provider has
> bigger problems if these things really happened.
>
> At the risk of being flamed, I run a shared web hosting business that
> uses suexec to run all php and cgi files as the user who owns the file,
> not the general apache user. Email me off the list if you would like
> more information. (brian at dormhost.com)
>
I only have FTP access that I know of. I was able to rename the file
and change index.php to point to the new file and get the site back for now.
I was not able to change anything about the original file. Well now I
check back and the original file has the correct permissions and
ownership again and the site is back to normal! I haven't heard back
from them yet so I don't know the rest of the story.
Thanks, Brian and Adrian,
Paul
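
The directory-ownership point made in this thread, as an added example that is not part of the original posts: the right to rename or unlink a file comes from write and search permission on its parent directory, not from the file's own owner or mode. The helper names and main.php are hypothetical, and a mode-000 scratch file stands in for the root-owned one, since creating a root-owned file would itself need root.

```shell
#!/bin/sh
# Added example; all files are constructed scratch files in a temp directory.

# can_replace FILE: succeed if the current user may rename or unlink FILE.
# The decision depends on the parent directory (write + search permission).
# In a sticky directory (such as /tmp) the caller must also own the file
# or the directory itself.
can_replace() {
    dir=$(dirname -- "$1")
    [ -w "$dir" ] && [ -x "$dir" ] || return 1
    if [ -k "$dir" ]; then
        [ -O "$1" ] || [ -O "$dir" ] || return 1
    fi
    return 0
}

# demo_swap: build a scratch docroot holding an unreadable file, move it
# aside, put a replacement under the old name, and print the replacement.
demo_swap() {
    root=$(mktemp -d) || return 1
    echo 'old code' > "$root/main.php"
    chmod 000 "$root/main.php"            # no read permission for anyone
    if can_replace "$root/main.php"; then
        mv "$root/main.php" "$root/main.php.locked" &&
        echo 'new code' > "$root/main.php"
    fi
    cat "$root/main.php"                  # the replacement is readable
    rm -rf "$root"
}

demo_swap
```

Whether an FTP-only account can do the same depends on what the FTP server permits on top of the filesystem permissions.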