Sloan wrote:
Aaron Kulkis wrote:
If, say, apache has a flaw that allows a shell to be forked off, and
apache is running as root, then there you go: root shell.
I'm certain that suse has never shipped a distro where apache runs as root.
Not by default, but that doesn't mean much.
Try this:
$ su
password
# /etc/init.d/apache start
That's just one of many ways to start apache as root. If the person
setting up a website was reading a book written by someone
who is relatively clueless, then you have a situation which
can best be described as "The blind leading the naked."
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
