On Tue, 3 Jul 2001, Joost Pol wrote:
> Well, two changes do occur.
>
> 1. User could obtain the uid of the webserver. (nobody access)
>
> In a decent configured hosting machine, the impact would be minor.
>
> And *all* hosting machines are configured decently, right? (:
What do you exactly intend with "minor impact"? A user with the uid of the
webserver can at least kill the webserver itself... This should definitely
be an issue for a web hosting provider.
:raptor
Antifork Research, Inc. @ Mediaservice.net Srl
http://www.0xdeadbeef.eu.org http://www.mediaservice.net
