On 1/26/07, Zed A. Shaw <[EMAIL PROTECTED]> wrote: > I'd like to know the following from the FreeBSD crew: > > 1) Are there any potential malicious potentials to this? I don't assume any > intent, but would like to know if I need to rush out a fix if there's a > hackable problem with this (even theoretical).
Only if there is some way to change the arguments to sysctl, and then only if you are root. As far as I know most of the kernel states are readable via sysctl by any user. > 2) What would be the un-ghetto way to do this same check? There probably isn't one, as several of the freebsd rc scripts do basically the same thing. Chris _______________________________________________ Mongrel-users mailing list Mongrel-users@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-users
