[PHP-users 8597] ¥»¥¥å¥ê¥Æ¥£¡¼´ØÏ¢¥»¥ß¥Ê¡¼
Yasuo Ohgaki
php-users@php.gr.jp
Fri, 12 Jul 2002 10:36:40 +0900
Âç³À¤Ç¤¹¡£
¼êÁ°Ì£Á¹¡õÍÎÁ¤Ç¶²½Ì¤Ç¤¹¤¬¡¢¥»¥¥å¥ê¥Æ¥£¡¼´ØÏ¢¤Î¥»¥ß¥Ê¡¼¤Î¹Ö»Õ¤ò¤¹¤ë»ö
¤Ë¤Ê¤ê¤Þ¤·¤¿¡£ÀʤˤޤÀ;͵¤¬¤¢¤ë¤é¤·¤¤¤Î¤Î¤Ç¡¢¤â¤·¤è¤í¤·¤±¤ì¤Ð¤ª±Û¤·¤¯
¤À¤µ¤¤¡£
»ä¤Î¹Ö±é¤Ç¤Ï¡¢¥³¥ó¥Ô¥å¡¼¥¿Ëɸæ¤Î´ðËÜŪ¤Ê¹Í¤¨Êý¤«¤é¡¢Stack Smashing,
Heap Smashing, DoS, Cross Site Scripting AttackÅù¤Î»ÅÁȤߤÈ
ÂнèÊýË¡¡¢ÍÍѤʥª¡¼¥×¥ó¥½¡¼¥¹¤Î¥»¥¥å¥ê¥Æ¥£¡¼´ØÏ¢¥Ä¡¼¥ë¡¢PHP¥×¥í¥°¥é¥ß
¥ó¥°¤Ë¤ª¤±¤ë¥»¥¥å¥ê¥Æ¥£¡¼¾å¤ÎÃí°ÕÅÀ¡¢Èó¾ï¤Ë´í¸±¤È¹Í¤¨¤é¤ì¤ëIE¤Î¥»¥¥å¥ê
¥Æ¥£¡¼¥Û¡¼¥ë¤â¾Ò²ð¤·¤Þ¤¹¡£
# ÆÃ¤Ë´í¸±¤ÊIE¥»¥¥å¥ê¥Æ¥£¡¼¥Û¡¼¥ë¤À¤±¤³¤Î¾ì¤ò¼Ú¤ê¤Æ¾Ò²ð¤·¤Þ¤¹¡£
# Àè·îËö¤Ë¡¢IE¤ËÈó¾ï¤Ë´í¸±¤Ê¥»¥¥å¥ê¥Æ¥£¡¼¥Û¡¼¥ë¤¬¸«¤Ä¤«¤Ã¤Æ¤¤¤Þ¤¹¡£
# ¹âÅÙ¤ÊÃ챤¬¤Ê¤¯¤Æ¤â¡¢Web¥µ¥¤¥È¤Ë¥¢¥¯¥»¥¹¤·¤Æ¤¤¿¥æ¡¼¥¶¡¼¤Ëµ¤ÉÕ¤«
# ¤ì¤ë»ö¤Ê¤¯¡¢Ç¤°Õ¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô/¼èÆÀ²Äǽ¤Ç¤¹¡£
# hotmail¤Î¥¢¥«¥¦¥ó¥È̾¤ä¥¯¥Ã¥¡¼Åù¤â¼èÆÀ²Äǽ¤Ç¤¹¡£¥¢¥¿¥Ã¥«¡¼¤Ï¤ï
# ¤¶¤ï¤¶¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤Ç櫤ò¤Ï¤ëɬÍפ⤢¤ê¤Þ¤»¤ó¡£
#
# ËɱҺö¡§ActiveX¤Î¼Â¹ÔÁ°¤Ë¥À¥¤¥¢¥í¥°¤òɽ¼¨¤¹¤ë¤è¤¦¤ËÀßÄê¡£°°Õ¤Î
# ¤¢¤ë¥µ¥¤¥È¤«¤éActiveX¤Î¼Â¹Ôµö²Ä¤Î¥À¥¤¥¢¥í¥°¤¬¤Ç¤¿¾ì¹ç¤Ë
# "¤¤¤¤¤¨"¤ò¤òÁªÂò¡£
#
# ¥¢¥¿¥Ã¥«¡¼¤Ï¥æ¡¼¥¶¡¼¤ËActiveX¥³¥ó¥Ý¡¼¥Í¥ó¥È¤ò¥À¥¦¥ó¥í¡¼¥É¤µ¤»¤ë
# »ö¤Ê¤¯¡¢¥¢¥¿¥Ã¥¯¤ò¼Â¹Ô¤Ç¤¤Þ¤¹¡£Ä̾ïÀßÄê¤ÎIE¤Ç¤ÏActiveX¤Î¼Â¹Ô¤Ï
# ¼«Æ°Åª¤Ë¹Ô¤Ê¤¦ÀßÄê¤Ë¤Ê¤Ã¤Æ¤¤¤ë°Ù¡¢Èó¾ï¤Ë´í¸±¤Ç¤¹¡£
#
# »ä¤ÎÃΤë¸Â¤ê¤Ç¤Ï¡¢MS¤«¤é¥¢¥Ã¥×¥Ç¡¼¥È¤Ï¤Þ¤À¡¢¸ø³«¤µ¤ì¤Æ¤¤¤Þ¤»¤ó¡£
# Á᤯¥¢¥Ã¥×¥Ç¡¼¥È¤¬¤¢¤ë¤ÈÎɤ¤¤Î¤Ç¤¹¤¬¡¢¡¢¡¢
û¤¤»þ´Ö¤Ê¤Î¤Ç¸Ä¡¹¤Î¹àÌܤò¾Ü¤·¤¯¤´ÀâÌÀ¤Ç¤¤Þ¤»¤ó¤¬¡¢Web¥µ¥¤¥È³«È¯¼Ô¡¢´É
Íý¼Ô¤Ïɬ¤ºÃΤäƤª¤¤¿¤¤¾ðÊó¤ò¤Ç¤¤ë¤À¤±¹ÈϰϤ«¤ÄÍÍѤʷÁ¤Ç¤´¾Ò²ð¤¹¤ëͽ
Äê¤Ç¤¹¡£
ͽÄê¤Î°ìÉô¡Ë
¥Ð¥Ã¥Õ¥¡¡¼¥ª¡¼¥Ð¡¼¥Õ¥í¡¼ÀȼåÀ¤¬¤¢¤ë¥·¥¹¥Æ¥à¤òÈæ³ÓŪ°ÂÁ´¤Ë±¿ÍѤ¹¤ëÊýË¡¡£
Web¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òÊѹ¹¤»¤º¤ËÆÃÄê¤Î¥¢¥¿¥Ã¥¯¤«¤é¥·¥¹¥Æ¥à¤ò¼é¤ëÊýË¡¡£
Web(PHP)¥×¥í¥°¥é¥ß¥ó¥°¤Ë¤ª¤±¤ëʸ»úÎó¥Á¥§¥Ã¥¯¡õ¥¨¥¹¥±¡¼¥×¤Î½ÅÍ×À¡£
HTTP request header¤ò»È¤Ã¤¿¥¢¥¿¥Ã¥¯¡£
PS:¤³¤Î¹Ö±é¤Î½àÈ÷¤â¤¢¤ë¤Î¤ÇPHPŪ¤Ê¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°Âкö
Íѥɥ¥å¥á¥ó¥È¤¬ºî¤ì¤Æ¤¤¤Þ¤»¤ó¡¢¡¢¡¢
--
Yasuo Ohgaki
=========== °Ê²¼SRA¼Ò¤Î¥»¥ß¥Ê¡¼°ÆÆâ ============
-------------------------------------------------------------------------
¢£ ¥»¥ß¥Ê¡¼¤Î¤´°ÆÆâ
Webmin¤Ë¤è¤ë¥·¥¹¥Æ¥à´ÉÍý¤ÈWeb¥·¥¹¥Æ¥à¤Ë¤ª¤±¤ë¥»¥¥å¥ê¥Æ¥£
=========================================================
¥Ö¥é¥¦¥¶¤«¤é´Êñ¤Ë¥·¥¹¥Æ¥à´ÉÍý¤¬¤Ç¤¤ë¤³¤È¤ÇÃíÌܤò½¸¤á¤Æ¤¤¤ëWebmin¤È
Web¥·¥¹¥Æ¥à´ÉÍý¼Ô¡¢³«È¯¼Ô¤Ëɬ¿Ü¤Î¥»¥¥å¥ê¥Æ¥£¤Ë´Ø¤¹¤ëÃ챤ÈÂкö¤ò¤´¾Ò
²ð¤¹¤ë¥»¥ß¥Ê¡¼¤ò³«ºÅ¤·¤Þ¤¹¡£¤¼¤Ò¤´»²²Ã¤¯¤À¤µ¤¤¡£
Æü»þ 2002ǯ 7·î 30Æü 13:30-17:30
¾ì½ê SRAËܼÒ1F¥Õ¥©¡¼¥é¥à
³«ºÅÃϽ»½ê ÅìµþÅÔËÅç¶èÆîÃÓÂÞ2-32-8
³«ºÅÃÏÃÏ¿Þ http://www.sra.co.jp/public/sra/company/office/hd_office.shtml
¼õ¹ÖÎÁ °ìÈÌ 20,000±ß
¹Ö»Õ ÆüËÜWebmin¥æ¡¼¥¶¡¼²ñÂåɽ ±îÅÄ ÃÒͦ¡Ê¤µ¤ë¤¿ ¤È¤·¤ª¡Ë ÍÍ
ÆüËÜPHP¥æ¡¼¥¶¡¼²ñ Âç³À Ì÷Ãˡʤª¤ª¤¬¤ ¤ä¤¹¤ª¡ËÍÍ
¢£¥¿¥¤¥à¥¹¥±¥¸¥å¡¼¥ë
13:00-13:30 ¼õÉÕ
13:30-13:40 ¤´°§»¢
13:40-14:40 Webmin¤Ë¤è¤ë¥·¥¹¥Æ¥à´ÉÍý
14:40-15:00 µÙ·Æ
15:00-17:30 Web¥·¥¹¥Æ¥à¤Ë¤ª¤±¤ë¥»¥¥å¥ê¥Æ¥£
¢£ Webmin¤Ë¤è¤ë¥·¥¹¥Æ¥à´ÉÍý
Webmin¤ÏWeb¥Ù¡¼¥¹¤ÎUnix¥·¥¹¥Æ¥à´ÉÍý¥Ä¡¼¥ë¤Ç¤¹¡£¥æ¡¼¥¶¡¼´ÉÍý¡¢Apache¡¢
DNS¡¢¥Õ¥¡¥¤¥ë¶¦ÍÅù¡¹¤ÎÀßÄê¤ò¹Ô¤¦¤³¤È¤¬¤Ç¤¤Þ¤¹¡£ºÇ¶á¤Ç¤Ï¤Û¤È¤ó¤É¤Î
Linux¥Ç¥£¥¹¥È¥ê¥Ó¥å¡¼¥·¥ç¥ó¤ÇWebmin¤ò»ÈÍѤ·¤Æ¤ª¤ê¡¢¤Þ¤¹¤Þ¤¹¥Ë¡¼¥º¤¬¹â
¤Þ¤Ã¤Æ¤¯¤ë¤³¤È¤Ç¤·¤ç¤¦¡£Webmin¤Î³µÍפ«¤é´ðËÜŪ¤Ê»È¤¤Êý¤ò¤´¾Ò²ð¤·¤Þ¤¹¡£
¢£ Web¥·¥¹¥Æ¥à¤Ë¤ª¤±¤ë¥»¥¥å¥ê¥Æ¥£
PHP, Apache¤ò¤Ï¤¸¤á¡¢Æü¡¹¿·¤·¤¤¥»¥¥å¥ê¥Æ¥£¡¼¥Û¡¼¥ë¤¬È¯¸«¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¥Í¥Ã¥È¥ï¡¼¥¯¤ËÀܳ¤µ¤ì¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ë¤Ï¤µ¤Þ¤¶¤Þ¤Ê¥ê¥¹¥¯¤¬Â¸ºß¤·¡¢¥Í¥Ã
¥È¥ï¡¼¥¯¾å¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ï¥ê¥¹¥¯¤ò¼õ¤±Æþ¤ì¤¿¾å¤Ç°ÂÁ´¤Ë±¿ÍѤµ¤ì¤Ê¤±¤ì¤Ð
¤Ê¤ê¤Þ¤»¤ó¡£¾¦ÍÑ¥·¥¹¥Æ¥à¤À¤±¤Ç¤Ê¤¯ÌµÎÁ¤ÇÍøÍѤǤ¤ë¥ª¡¼¥×¥ó¥½¡¼¥¹¥·¥¹¥Æ
¥à¤Ë¤â¿¤¯¤ÎÍ¥¤ì¤¿¥»¥¥å¥ê¥Æ¥£¡¼ÂкöÍѤΥġ¼¥ë¤¬Â¸ºß¤·¤Þ¤¹¡£Web¥·¥¹¥Æ
¥à¤Î´ÉÍý¼Ô¤È³«È¯¼Ô¤¬ÃΤäƤª¤¤¿¤¤¡¢¥»¥¥å¥ê¥Æ¥£¡¼Âкö¤Î¹Í¤¨Êý¡¢¥»¥¥å
¥ê¥Æ¥£¡¼¥Û¡¼¥ë¡¢¥ª¡¼¥×¥ó¥½¡¼¥¹¥·¥¹¥Æ¥à¤Ç¹Ô¤Ê¤¦¥»¥¥å¥ê¥Æ¥£¡¼Âкö¤ò¤´¾Ò
²ð¤·¤Þ¤¹¡£
¢£ ¤ª¿½¤·¹þ¤ßÊýË¡
²¼µURL¤«¤é¤ª¿½¤·¹þ¤ß²¼¤µ¤¤
http://www.sra.co.jp/public/sra/event_seminar/seminar2002/020730.html
¢£ ¤ªÌ䤤¹ç¤ï¤»Àè
SRA ¥Í¥Ã¥È¥ï¡¼¥¯¡õ¥µ¡¼¥Ó¥¹¥«¥ó¥Ñ¥Ë¡¼
¥ª¡¼¥×¥ó¥½¡¼¥¹¥½¥ê¥å¡¼¥·¥ç¥óÉô °ðÍÕ
TEL¡§03-5979-2751
Mail¡§pgsql-sales@sra.co.jp
-------------------------------------------------------------------------
-----------------------------------
°ðÍÕ ¹áÍý i-kaori@sra.co.jp
SRA ¥ª¡¼¥×¥ó¥½¡¼¥¹¥½¥ê¥å¡¼¥·¥ç¥óÉô
¢©171-8513 ÅìµþÅÔËÅç¶èÆîÃÓÂÞ2-32-8
TEL:03-5979-2751 FAX:03-5979-2752