On Thu, 19 Apr 2007, Bernd Eckenfels wrote: > In article <[EMAIL PROTECTED]> you wrote: > > Perhaps -- until your httpd is compromised via a buffer overflow or > > simply misbehaves due to a software or configuration flaw, then the > > assumptions being made about its use of pathnames and their security > > properties are out the window. > > Hu? Even a compromised httpd (especially a compromised httpd) is bound to > the app armor policies. This means it cannot (for example) write to > /var/www/* - if it never needed to at normal/profiling time.
This has been addressed several times already, please read the full thread. - James -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
