--On Wednesday, October 16, 2002 19:48:33 +0100 Ged Haywood
<[EMAIL PROTECTED]> wrote:
> Hi there,
>
> On Wed, 16 Oct 2002, Joerg Plate wrote:
>
>> >> Is it true that you can kill the whole server, not just the
>> >> script if you do something wrong with mod_perl?
>>
>> > Yes, I'm afraid it is.
>>
>> How?
>
> For example by swallowing all the memory, by consuming all the CPU,
> and of course by making root access available to the world through
> careless programming practice...
>
> Need I continue?
Yes, please explain how careless programming practice can make root
access available to the world. Apache by default runs under the
unpriviliged user 'nobody', seems to me that giving root access to
the world would require running Apache as root, not something which
can be achieved only by careless programming. Am I missing something?
--
Eric Cholet
