Ed Greshko: >> Depending on the type of web pages you serve you may find there to be a >> buffer overflow vulnerability which gives an attacker a shell and allows >> them to execute arbitrary commands as "apache". >> >> I smell "danger Will Robinson"! Gary Stainburn: > You do have a valid point, but this is a non-public low-risk server used for > internal admin stuff. Though that may lead to complacency, and someone may find a way to cause you problems that you hadn't thought of. You are probably far better finding a way to run your command as some other user, triggered by your risky apache user. Generally, risky users are prevented from being able to run things for good reasons; and you're best not to shred your security blankets for the sake of convenience, now. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
