DAV
Alan Cox
alan at redhat.com
Thu Oct 7 19:04:13 UTC 2004
On Thu, Oct 07, 2004 at 07:58:20PM +0100, Joe Orton wrote:
> It's not CGI scripts which is the issue, the issue is whether or not an
> OpenSSL buffer overflow gives you remote root or just the privileges of
> the "apache" user as it currently does.
That would be a problem yes. You'd end up with apache able to access any
files in the system. I guess mod_webdav should never have been mod_
More information about the fedora-devel-list
mailing list