Antonio Rodriguez wrote:
> I noticed that when installing cgiemail it is set as owned by root,
> same as other scripts simultaneously installed in /usr/lib/cgi-bin
> The danger of being root owned would be in the fact that it can
> virtually do anything.
no, it can't. If root owns an executable
On Mon, Nov 29, 2004 at 12:49:30AM +0200, Black Dew wrote:
> Antonio Rodriguez wrote:
> >I noticed that when installing cgiemail it is set as owned by root,
> >same as other scripts simultaneously installed in /usr/lib/cgi-bin
> >I figure this is right, I would be surprised if i were the first
> >
Antonio Rodriguez wrote:
I noticed that when installing cgiemail it is set as owned by root,
same as other scripts simultaneously installed in /usr/lib/cgi-bin
I figure this is right, I would be surprised if i were the first
finding a bug, but I don't see why it makes it safer than installing
it a
I noticed that when installing cgiemail it is set as owned by root,
same as other scripts simultaneously installed in /usr/lib/cgi-bin
I figure this is right, I would be surprised if i were the first
finding a bug, but I don't see why it makes it safer than installing
it as owned by www-data:www-d
4 matches
Mail list logo
