In article <[EMAIL PROTECTED]> you wrote: > Perhaps -- until your httpd is compromised via a buffer overflow or > simply misbehaves due to a software or configuration flaw, then the > assumptions being made about its use of pathnames and their security > properties are out the window.
Hu? Even a compromised httpd (especially a compromised httpd) is bound to the app armor policies. This means it cannot (for example) write to /var/www/* - if it never needed to at normal/profiling time. Gruss Bernd - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
