Once upon a time, Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx> said: > You're considering only the escalation way to do it, but there are > other ways to exploit code laying around, like when some web pages > don't sanitize the URL enough and end up allowing executing > something in the system, much like sql injection. In those cases, > one could craft URLs to run wget or any other tool that may help the > intruder get even more inside. Down that path lies madness. Are you going to remove /bin/sh? If not, virtually anything else is possible. -- Chris Adams <linux@xxxxxxxxxxx> -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
