- From: Eric Gauthier <gauthier@centre.edu>
- Date: Wed, 3 Jan 96 0:37:00 EST
- To: flavio@sol.dimap.ufrn.br, www-html@w3.org
> Some weeks ago I got some mails about some potential security risks > about the method GET /a/b/../file. I am a graduated student at UFRN in Brazil > and I am working on a project about network security. > > The question is where can I find some texts about the risks of the > GET method? I am looking for a archive that has to do only with it or at least > get close. > The security risk here is a bit indirect. The problem lies in using the relative directory scheme. Web Servers are designed to only allow web access to certain directories. It become very difficult for servers to identify which actual directory is being accessed when you use a ./ or a ../ in a path. The danger here is that it gives access to all the files on ones machine which are world readable. For example, the password file on UNIX systems must be readable by everyone so that login requests for all users can be processed. This password file contains the encrypted version of a users password (among other information). With this file, one can determine the actual password for a user and then use that account to hack into a machine. Other problems I believe are similar. This, at least, was the danger which was discusssed in an operating systems computer science class that I had here at Centre College. Anyone else think of something different? Eric Gauthier gauthier@centre.edu
Received on Wednesday, 3 January 1996 00:43:50 UTC