Re: Remotely edit user disk quota



for running telnet - even in a "secure" (ha!) environment - when so much
better alternatives exist.

Let me shoot you a hypothetical: your webserver gets compromised.

Something I pointed out earlier.

and what? assuming it will actually be possible to get root access at all
because of bug it such buggy things like PHP, mysql etc. (unlikely) what he will do?

arp attack from within jail?

But just please accept that other people are DIFFERENT than you.

You prefer just repeating things that you considered "simply the best" once (like ssh), i prefer something more.
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"



Relevant Pages

  • Re: [Full-disclosure] Fwd: FreePBX Unfounded RCE PoC or rather Misguided PoC maybe ?
    ... OK well, after trying again with the php code, but corrected php code, i ... dont think it is possible to save a page.. ... I have written 3 or so PoC's for this and also for another bug in this, ... allowed to specify a path to upload a file to. ...
    (Full-Disclosure)
  • Bugfix(59/8=APNIC), math jobs (was: JDEE/CGI/flashcards ...)
    ... bug report so I could fix the problem quickly. ... > Note that I said it "looks" incomplete and buggy, ... > high math skills. ...
    (comp.lang.lisp)
  • Re: php extensions compile error - another compile bug?
    ... Re: php extensions compile error - another compile bug?: ... Is not triviality is a matter of perspective? ... AFFECTS: users of PHP ... and shared extensions to allow more flexibility and add new features. ...
    (freebsd-questions)
  • Re: Local vulnerability in suexec + FastCGI + PHP configurations
    ... are vulnerable to a local exploit, where anyone with the ability to run code as the user the webserver runs as can gain access as any user with an account set up to run PHP. ... This is unlikely to be a problem for many local attackers, because there are a multitude of possible attack vectors, such as SSI, non-suexec CGI scripts, non-suexec PHP, and likely numerous other options. ... Once the attacker can run code as the same user the webserver runs as, he can make the webserver do whatever he wants. ... It should be noted that while this is a vulnerability in a way of installing PHP, it appears that there is no way to securely set up a suexec + FastCGI + PHP installation using an unpatched version of PHP and so it is hoped that the PHP developers will reconsider in time. ...
    (Bugtraq)
  • Multibyte Wackiness on RHEL
    ... should upgrade to PHP 5.2. ... Test DateTimeZone::listIdentifiers function: basic functionality ... SPL: ... Bug #48770 fails to call parent from inheriting ...
    (comp.lang.php)