[Hcoop-discuss] CGI/PHP script security

Ryan M. kubisuro at att.net
Fri Dec 16 18:34:12 EST 2005


Hello,
apparently at around 1pm EST EXIM took a nose-dive, for I don't know what reasons.  The daemon was running, but it wasn't accepting mail:

<ryan at hcoop.net>
	Permanent Failure: 550_relay_not_permitted
	Delivery last attempted at Fri, 16 Dec 2005 23:11:15 -0000

Luke Chaos gave me the heads-up, so I investigated, and found odd things with domtool (probably unrelated, really):

ryan at fyodor:/home/domtool/domains/net/distortions/korea$ domtool
/bin/rm: cannot chdir from `.' to `/home/domtool/scratch/slaves/abu': Permission denied
/etc/domains/net/hcoop/new/.dns: IO error for openOut on /home/domtool/scratch/slaves/abu/destination:
        /etc/domains/net/hcoop/new/.dns: System error: Permission denied
/etc/domains/net/hcoop/.dns: IO error for openOut on /home/domtool/scratch/slaves/abu/destination:
        /etc/domains/net/hcoop/.dns: System error: Permission denied
/etc/domains/net/pldb/.dns: IO error for openOut on /home/domtool/scratch/slaves/abu/destination:
        /etc/domains/net/pldb/.dns: System error: Permission denied
/etc/domains/net/schizomaniac/.dns: IO error for openOut on /home/domtool/scratch/slaves/abu/destination:
        /etc/domains/net/schizomaniac/.dns: System error: Permission denied
/etc/domains/net/lazybastard/.dns: IO error for openOut on /home/domtool/scratch/slaves/abu/destination:
        /etc/domains/net/lazybastard/.dns: System error: Permission denied
/etc/domains/net/lostwebsite/.dns: IO error for openOut on /home/domtool/scratch/slaves/abu/destination:


etc etc etc etc...

I ended up making an empty file in my korea.distortions.net domtool directory, ran domtool and got
(stuff like above)
       /etc/domains/mu/hkn/.dns: System error: Permission denied
/etc/domains/mu/hkn/.backup: Invalid domain name
Processing complete.
419,427d418
<       ServerName test.korea.distortions.net
<       ErrorLog /var/log/apache2/test.korea.distortions.net/error.log
<       CustomLog /var/log/apache2/test.korea.distortions.net/access.log combined
<       IndexOptions FancyIndexing FoldersFirst
<       SuexecUserGroup ryan ryan
<       UserDir disabled
< </VirtualHost>
<
< <VirtualHost *:80>
Reloading web server config...done.

At that point, exim began to behave properly.  However, I can't delete "test" now (-rw-r--r--  1 domtool domtool) and domtool says:
ryan at fyodor:/home/domtool/domains/net/distortions/korea$ domtool
/etc/domains/org/quarl/.TRASH: Invalid domain name
/etc/domains/org/quarl/.backup: Invalid domain name
/etc/domains/mu/hkn/.backup: Invalid domain name
Processing complete.


Anyway, just a heads-up.  Something whacky is going on with domtool configuration stuff.

Ryan




More information about the HCoop-Discuss mailing list