On Monday 11 April 2005 14:36, Chris Kenward wrote: > > 100% Correct. What I cannot understand is how the file would have > been transferred. Would it have been possible that the hacker > used Apache on the box and simply uploaded the file? The mind > boggles. > If you allow the users to install their own executables; *.cgi, *.php, etc. it's possible that a security hole has been introduced. For example, recent problems with various PHP packages allow almost any file to be pulled from the computer (e.g.etc/passwd, /etc/shadow) and files to be placed on the computer's hard drive. Regards, Mike Klinke -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
