* [EMAIL PROTECTED] (Guy Cohen) [Wed 02 Oct 2002, 02:14 CEST]:
> suexec suppose to guard you from unprivileged programs (among other things),
> by letting you configure a safe_path of execution. However, if a user is
> able to link, she can create a link to files outside of the safe_path and
> then execute them.
And if a user is allowed to install a program that will be executed by
the web server, that program can be written equally well to just execute
something in a different location.
In other words: your point?
-- Niels.
--
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
