On 9/13/07, Daniel F. Kudwien <news@unleashedmind.com> wrote:
Um, perhaps you all have not seen previous threads about the hazards of allowing executable code in a writeable directory?
-Peter
By referencing to those 'obvious' discussions without any link or quote, I'm feeling quite stupid now. I've searched drupal.org, the development list archives and Google for the terms executable, code, writeable, directory(, drupal). Guess what? I did not find any thread containing useful, deep-insight information about why other systems like JOS/MOS are (more or less) successfully using writable directories for their modules [components] for quite some time now and Drupal is not.
Could someone please direct me/us to some einlightening issues and/or threads? That would be greatly appreciated.
Consider this: - a PHP script has write access to your module folders (where PHP scripts reside) -> if any small remote injection vulnerability is found in Drupal or any module you use, anyone can plant arbitrary PHP scripts on your site -> even if your system is "100% secure", if you are on a shared host, most of the time you get a PHP process which runs under the same user name/permission for all sites... if there is any vulnerability in any of the other sites, anyone can plant arbitrary PHP scripts on your system -> alternatively people whom you share your server with can write targeted code to easily plant arbitrary PHP scripts in your webroot In short: As long as PHP scripts are allowed to write directories, where PHP scripts are stored, any PHP script running on the server can write to that directory, either on purpose or by exploiting security holes. Gabor