On Thu, 2005-12-01 at 00:06 +0800, John Summerfied wrote: > >>I had some difficulty accessing material outside of /var/www as user > >>Apache, on WBEL. > > > > Maybe exploiting the hypothetical kernel bug doesn't require access to > > anything particular in the filesystem... > > It's pretty hard to do anything local without access to the local > filesystem:-) User apache does have access to the local filesystem, just not outside the jail. However, file access helps but isn't necessarily required to exploit bugs in the kernel. There are plenty of callable kernel routines that have nothing to do with file i/o. Cheers Steffen.
Attachment:
signature.asc
Description: This is a digitally signed message part
