On Wed, 25 Apr 2007, haim [howard] roman wrote:
> Regarding (b), even if you run the server as root, you can change the
> owners &/or groups of the files so that non-root users can change them.
It may happen that controlling configuration files is enough to force
the application to do nasty things ...
> Regarding (b), even if you run the server as root, you can change the
> owners &/or groups of the files so that non-root users can change them.
It may happen that controlling configuration files is enough to force
the application to do nasty things ...
[ more ]