Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:29647 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 29342 invoked by uid 1010); 21 May 2007 21:59:58 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 29326 invoked from network); 21 May 2007 21:59:58 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 21 May 2007 21:59:58 -0000 Authentication-Results: pb1.pair.com header.from=stas@zend.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=stas@zend.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain zend.com designates 63.205.162.114 as permitted sender) X-PHP-List-Original-Sender: stas@zend.com X-Host-Fingerprint: 63.205.162.114 unknown Windows 2000 SP4, XP SP1 Received: from [63.205.162.114] ([63.205.162.114:52868] helo=us-ex1.zend.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 12/D5-19484-C5612564 for ; Mon, 21 May 2007 17:59:58 -0400 Received: from [127.0.0.1] ([192.168.16.109]) by us-ex1.zend.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 21 May 2007 14:59:53 -0700 Message-ID: <46521652.60802@zend.com> Date: Mon, 21 May 2007 14:59:46 -0700 Organization: Zend Technologies User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: sean finney CC: PHP internals References: <465022BE.1020905@hardened-php.net> <7d5a202f0705201415s71982fd2jb61b8bffbb7ba6de@mail.gmail.com> <46513546.5000303@zend.com> <7d5a202f0705202303s2ff4d0cdg1157c1e245c3c2e4@mail.gmail.com> <46513745.7030701@zend.com> <000001c79b71$543e0970$fcba1c50$@com> <46513E93.5000902@hardened-php.net> <465140BE.8050502@zend.com> <4651454B.4080000@hardened-php.net> <465149FE.4070100@zend.com> <46515417.3030904@hardened-php.net> <39310.216.230.84.67.1179780581.squirrel@www.l-i-e.com> <1179783987.6027.30.camel@localhost> In-Reply-To: <1179783987.6027.30.camel@localhost> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 21 May 2007 21:59:53.0534 (UTC) FILETIME=[5C8B4DE0:01C79BF3] Subject: Re: [PHP-DEV] Dismantling the lies... From: stas@zend.com (Stanislav Malyshev) > i've heard (though not confirmed myself) that if php is running as a > loadable apache module it is possible to use such a local attack > vector to read from the apache parent's memory, and extract tasty > morcels such as unencrypted SSL keys. obviously this would have an I don't know if it's possible but some bugs would allow you indeed to real Apache's local memory. I have no knowledge about if the keys are present there in a form that makes possible to steal them. It is quite easy to protect against that, however - by running PHP as FastCGI module. Which seems to be a good solution for people running untrusted code in context of their PHP servers. -- Stanislav Malyshev, Zend Products Engineer stas@zend.com http://www.zend.com/