Re: DAV

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Development discussions related to Fedora Core <fedora-devel-list@xxxxxxxxxx>
Subject: Re: DAV
From: Alan Cox <alan@xxxxxxxxxx>
Date: Thu, 7 Oct 2004 15:04:13 -0400
In-reply-to: <20041007185820.GA6731@redhat.com>
List-archive: </archives/fedora-devel-list>
List-help: <mailto:fedora-devel-list-request@redhat.com?subject=help>
List-id: Development discussions related to Fedora Core <fedora-devel-list.redhat.com>
List-post: <mailto:fedora-devel-list@redhat.com>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-devel-list>, <mailto:fedora-devel-list-request@redhat.com?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-devel-list>, <mailto:fedora-devel-list-request@redhat.com?subject=unsubscribe>
References: <1097133615.2789.12.camel@laptop.fenrus.com> <1097154001.13339.24.camel@moss-spartans.epoch.ncsc.mil> <20041007142526.GC1411660@hiwaay.net> <20041007144403.GA1073@osiris.silug.org> <41655831.4040908@math.unl.edu> <20041007154910.GA27709@redhat.com> <20041007155727.GA12649@devserv.devel.redhat.com> <20041007164138.GB6445@redhat.com> <20041007165136.GA9811@devserv.devel.redhat.com> <20041007185820.GA6731@redhat.com>
Reply-to: Development discussions related to Fedora Core <fedora-devel-list@xxxxxxxxxx>
User-agent: Mutt/1.4.1i

On Thu, Oct 07, 2004 at 07:58:20PM +0100, Joe Orton wrote:
> It's not CGI scripts which is the issue, the issue is whether or not an
> OpenSSL buffer overflow gives you remote root or just the privileges of
> the "apache" user as it currently does.

That would be a problem yes. You'd end up with apache able to  access any
files in the system. I guess mod_webdav should never have been mod_

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- Re: DAV
  - From: Colin Walters

References:
- Re: SELinux should be off by default in FC3
  - From: Arjan van de Ven
- Re: SELinux should be off by default in FC3
  - From: Stephen Smalley
- Re: SELinux should be off by default in FC3
  - From: Chris Adams
- Re: SELinux should be off by default in FC3
  - From: Steven Pritchard
- Re: DAV
  - From: Rex Dieter
- Re: DAV
  - From: Joe Orton
- Re: DAV
  - From: Alan Cox
- Re: DAV
  - From: Joe Orton
- Re: DAV
  - From: Alan Cox
- Re: DAV
  - From: Joe Orton

Prev by Date: Re: SELinux should be off by default in FC3
Next by Date: Re: DAV
Previous by thread: Re: DAV
Next by thread: Re: DAV
Index(es):
- Date
- Thread

[Index of Archives] [Fedora Announce] [Fedora Kernel] [Fedora Testing] [Fedora Formulas] [Fedora PHP Devel] [Kernel Development] [Fedora Legacy] [Fedora Maintainers] [Fedora Desktop] [PAM] [Red Hat Development] [Gimp] [Yosemite News]