On Tue, Apr 29, 2014 at 12:33 PM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: > simple example: > > * binary XYZ is vulerable for privilege escalation This makes no sense... > * we talk about a *local* exploit until now ...I don't even know what you're trying to say here... > * a bad configured webserver allows system-commands through a php-script > and i consider that you google for the /e modifier ...and this is already sufficient for a remote exploit. Can we please move all discussion of "Zomg! This feature would take an existing security hole and turn it into a security hole with exactly the same impact" into its own thread or just stop it entirely? All it does is distract from real discussion. --Andy -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
