Package: php4-common Severity: normal Permissions of /var/lib/php4 do not seem "right":
$ dpkg -c php4-common_4.3.10-18_i386.deb | grep /var/lib/php4 drwx-wx-wt root/root 0 2006-11-04 08:56:34 ./var/lib/php4/ I wonder if this could be used for "normal" users to attack PHP (by creating random files in there). Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-spm1.6 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
