Vuln php proc nice

From Atomicorp Wiki
Revision as of 18:55, 10 February 2012 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

PHP function allowed proc_nice() Change the priority of the current process.

The PHP function proc_nice() allows allows a user, application or attacker to change to change the priority the process is running as. This may make it possible for an attacker to gain cause a DOS attack on the system, to cause the application to run slower or faster than the system owner allows, or potentially to do other malicious actions on the system.

Next Steps

If this risk is unacceptable for your system, then you will want to disable this capability in PHP.

Step 1: Log into the ASL GUI, click on Configuration and select the ASL configuration menu option. This will open the ASL configuration screen.

Step 2: Scroll down to PHP_CHECKS and make sure this is set to "yes". By default ASL will only warn about PHP vulnerabilities. If you set this to yes, it will also fix these vulnerabilities. If this is set to "no" the next step will not work, so set this to "yes".

Step 3: Scroll down to ALLOW_proc_nice and set this to "no".

Step 4: Click the "update" button.

This will resolve this vulnerability.

Personal tools