====== Sensitive Data in Globally Readable File Vulnerability ======

On a [[security:shared host or compromised system]], private information such as database passwords and other sensitive data may be readable by another user on the system.

===== Exploits =====

Commonly, web servers run as a single "user" on a system. That one process (the web server) can read any globally-readable file on the file system, and it is trivial to craft PHP (or any other server-side language) that reads arbitrary files. Coupled with the fact that most shared-hosting user configurations are identical, any user who knows how his own account or file-system space is laid out is likely to know every other user's general layout too, and thus may know exactly where to read sensitive information.

===== Remedy =====

  * Strict web server adherence to user separation and security policies.
  * [[http://www.php.net/features.safe-mode|PHP safe mode]] and other security tactics.

===== Additional Information =====

  * See [[security:web_application_security|web application security]] and [[catalog|security vulnerabilities catalog]].
  * [[http://www.php.net/features.safe-mode|PHP safe mode]]
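An added audit script (not part of the original page) for the Exploits and Remedy sections above: it walks a directory tree and reports config files that are both world-readable (the "other" read bit set) and contain something that looks like a credential, which is exactly the combination another account on a shared host could read. The file-name patterns and secret keywords are this example's own assumptions, and the sample files it checks are constructed in a temporary directory.

```python
import os
import re
import stat
import tempfile

# Heuristics (assumptions of this example, not taken from the page): file names
# that commonly hold credentials, and key names that mark a line as sensitive.
CONFIG_NAME_RE = re.compile(r"(config.*\.php|\.env|settings\.ini)$", re.IGNORECASE)
SECRET_KEY_RE = re.compile(r"\b(db_?pass(word)?|password|secret|api_?key)\b", re.IGNORECASE)


def is_world_readable(path: str) -> bool:
    """True when the 'other' read bit is set, i.e. any local user can read it."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)


def find_world_readable_secrets(root: str) -> list:
    """Walk root and report config files that are world-readable AND contain
    what looks like a credential. Each finding is (path, line_number, line)."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if not CONFIG_NAME_RE.search(name) or not is_world_readable(path):
                continue
            with open(path, "r", errors="replace") as fh:
                for lineno, line in enumerate(fh, 1):
                    if SECRET_KEY_RE.search(line):
                        findings.append((path, lineno, line.rstrip("\n")))
    return findings


def demo() -> list:
    """Constructed sample: one config left at 0644 (a typical default on a
    shared host) and one restricted to its owner (0600). Only the first is
    readable by other accounts, so only it should be flagged."""
    root = tempfile.mkdtemp(prefix="audit_")
    leaky = os.path.join(root, "config.php")
    with open(leaky, "w") as fh:
        fh.write("<?php\n$db_pass = 'example-only';\n")
    os.chmod(leaky, 0o644)
    safe = os.path.join(root, "settings.ini")
    with open(safe, "w") as fh:
        fh.write("[db]\npassword = example-only\n")
    os.chmod(safe, 0o600)
    return find_world_readable_secrets(root)


if __name__ == "__main__":
    for path, lineno, line in demo():
        print(f"{path}:{lineno}: {line}")
```

Run it against a real web root to list the files whose mode should be tightened to 0600 (or 0640 with a group the web server, but no other tenant, belongs to).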