Cancelado

webserver security challenge

The challenge is how to secure PHP files on a webserver. This will require some serious Linux Administrator skills and also some C and/or PHP.

## Deliverables

To simplify this project requirements, we will work with only two files, which will be located in /home/User/public_html:

[url removed, login to view]

[url removed, login to view]

The file [url removed, login to view] will be owned by 'root', chmod 600 (-rw-------).

The file [url removed, login to view] will be owned by User, chmod 644 (-rw-r--r--).

The User will have FTP access to the server using the User ID.

Apache will be configured to run with the ID 'Apache'.

**The contents of file [url removed, login to view] will be:

**<?php

$value = 3 * 7; // secret formula!

?>

**The contents of file [url removed, login to view] will be:

**<?php

include '[url removed, login to view]';

echo $value;

?>

**YOUR CHALLENGE IS AS FOLLOWS:**

Configure the server in such way, that the script "[url removed, login to view]" will work as expected (http://localhost/~User will display the value "21"), AND the User will be allowed to modify [url removed, login to view] via FTP, AND the User will not be able to obtain the contents of "[url removed, login to view]" (which has the secret formula).

You are allowed to use "any means necessary" to accomplish this: Unix permissions, encryption, PHP interpreter modification, Linux kernel modification, additional programs/layers, etc.

* * *This broadcast message was sent to all bidders on Monday Jul 14, 2008 8:10:55 PM:

hi All, Thanks for your interest in this project, but I have finally found out, it is very easy to do by simply using Unix permissions in combination with PHP safe_mode and disable_functions. This last part is critical to prevent access as the Apache user. None of the bidders were aware of this capability.

Habilidades: Programação C, PHP

Ver mais: security administrator, php programming in very easy way, interpreter programming, c# programming challenge, c programming challenge, challenge programming, c# challenge, broadcast programming, apache programming, webserver, unix administrator, secure programming, r programming project, linux kernel, Challenge, run administrator script, php script interpreter, apache server 2008, project challenge script, php challenge, apache linux webserver user, interpreter work, interpreter|, linux apache programming, apache server permissions

Acerca do Empregador:
( 295 comentários ) San Diego, United States

ID do Projeto: #3046222

2 freelancers estão ofertando em média $70 para este trabalho

williambetts

See private message.

$55.25 USD in 14 dias
(7 Comentários)
3.4
merlincoreyvw

See private message.

$85 USD in 14 dias
(2 Comentários)
0.5