Robert Ransom: > If your web server and all of the interpreters and programs it runs are > competently written, there is no way for an attacker to get root > access, or even run a shell command. Web applications and the > special-purpose interpreters they run on are often incompetently > written.
I've noticed that on most Linux distributions, Apache 2 (just an example) runs as a non-privileged user on the system. Though one Apache 2 process does run as Root, but it spawns unprivileged process children. So if it was to be a flaw in Apache 2, or PHP, that an attacker knew about, would he then be able to gain Root access if the software runs as a non-Root user? > I select the message I want to reply to, and then I click the âReplyâ > button in my mail client's toolbar. The same as I do. It must be my mail provider that sucks. :) Thanks for all your help BTW! *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/