* Larry Cashdollar <[EMAIL PROTECTED]> wrote: > Read the first post by Luiz. This is only applicable if your running > apache chrooted and htpasswd is part of that chrooted environment.
(1) I've read his post, I answered and my answer never appeared on FD. (2) It's just FUD. Show me a concrete scenario, where a non-setuid htpasswd breaks out of a correctly chrooted environment. nd -- Winnetous Erbe: <http://pub.perlig.de/books.html#apache2> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html