|
Search tenon.com
Thanks to:
|
|
WebTen
Re: Apache Vulnerability in WebTen
On Monday 24 June 2002 04:23 pm, you wrote:
> This is absolutely not true. WebTen's Apache runs as user "nobody". Any
> "arbitrary code" would be run as user nobody as well. Applications
> running as the restricted user "nobody" have limited access to to the
> filesystem -- on a typical Unix system (WebTen is a Unix system at its
> core, so this applies), no files or directories are owned by the user
> nobody. Furthermore, files on your Macintosh filesystem are assigned Unix
> ownership of Pass/webten.
THat may be true for user "nobody" but it has nothing to do with the apache
problem. re-read the cert - assumption of root is usually the object of most
such hack attempts, for your future reference. What do you think arbitrary
code is ?
--
Robert Brandtjen
--------------------------------------
Web Site Creation and Hosting Services
Hostmaster@xxxxxxxxxxxxxxxxxxx
www.prometheusmedia.com
|
| Tenon Home |
Products |
Order |
Contact Us |
About Tenon |
Register |
Tech Support |
Resources |
Press Room |
Mailing Lists |
|
Copyright©2003 Tenon Intersystems, 232 Anacapa Street, Suite 2A, Santa Barbara,
CA 93101. All rights reserved.
Questions about our website - Contact:
webmaster@tenon.com.
|
|
