[grsec] TPE - Apache want to run a picture ?
Brad Spengler
spender at grsecurity.net
Thu May 5 09:09:14 EDT 2005
On Thu, May 05, 2005 at 10:31:08AM +0200, Gabor Vincze wrote:
> Hey All,
>
> I've tried this Trusted Path Execution stuff on one of our servers.
> I've put www-data group into the untrusted group to prevent attackers
> running their scripts being uploaded via some php bugs etc. ...
> After turning on TPE, I received a lot of messages like:
Looks like it's trying to map the image files executable (which is
wrong). Just to be sure, can you mail me an
strace -e open,old_mmap,mprotect of the apache process?
-Brad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20050505/d0aa18ca/attachment.pgp
More information about the grsecurity
mailing list