Thursday, September 8, 2011

suPHP chroot gotchas

Keep your nose out! 

Chrooting is not a proper security measure and was never intended as such. Nonetheless, when 'proper' chrooting is deployed in a multi-user environment (such as web hosting), it adds a layer of protection against gathering information about the underlying system, and, more importantly, it stops users from spying on, or messing with, other users' files. How?

Well, let's take the example at hand (web hosting). If you are hosting dynamic web sites, you have to give your users some way to run PHP/CGI scripts. Apache (mod_php) will run all of your (and others') scripts as the same unprivileged user. Because of that, and since the unprivileged user has to have access to all the hosted web sites, I can write a script to gather your database passwords, to delete all your files, to change all your links to point to some nasty stuff, etc.
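To see how far that shared access reaches on a given host, an administrator can list, per customer, the files the web server user is allowed to read or write. The script below is an added example, not part of the original post; the function names, the `/var/www/vhosts` layout and the `www-data` account in the usage comment are assumptions.

```python
import os
import pwd
import stat
import sys

def effective_access(st, uid, gids):
    """Classic Unix check: owner bits if uid matches, else group bits, else other."""
    if st.st_uid == uid:
        r, w = stat.S_IRUSR, stat.S_IWUSR
    elif st.st_gid in gids:
        r, w = stat.S_IRGRP, stat.S_IWGRP
    else:
        r, w = stat.S_IROTH, stat.S_IWOTH
    return bool(st.st_mode & r), bool(st.st_mode & w)

def audit_shared_user(hosting_root, web_uid, web_gids):
    """Map each customer directory to the regular files the shared web server
    user may read or write. Simplification: mode bits of the file only; parent
    directory search bits and POSIX ACLs are not evaluated."""
    report = {}
    for customer in sorted(os.listdir(hosting_root)):
        top = os.path.join(hosting_root, customer)
        if not os.path.isdir(top):
            continue
        found = {"read": [], "write": []}
        for dirpath, _dirs, files in os.walk(top):
            for name in sorted(files):
                path = os.path.join(dirpath, name)
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode):
                    continue  # skip symlinks, sockets, devices
                can_read, can_write = effective_access(st, web_uid, web_gids)
                rel = os.path.relpath(path, top)
                if can_read:
                    found["read"].append(rel)
                if can_write:
                    found["write"].append(rel)
        report[customer] = found
    return report

if __name__ == "__main__":
    # Usage (assumed layout and account): audit.py /var/www/vhosts www-data
    root, user = sys.argv[1], sys.argv[2]
    pw = pwd.getpwnam(user)
    gids = set(os.getgrouplist(user, pw.pw_gid))
    for customer, found in audit_shared_user(root, pw.pw_uid, gids).items():
        print(customer, "readable:", len(found["read"]), "writable:", len(found["write"]))
```

Every path in a customer's "read" list is visible to any script running as the shared user, whichever customer uploaded that script.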