[Pkg-awstats-devel] Bug#396452: can't run as root

Charles Fry cfry at debian.org
Sat Jan 13 19:23:35 CET 2007


The security hole of running the cron scripts as root is a matter of
privilege escalation. One should never run a script as root that could
be run with lower privileges, as a bug in the script could lead to a
root exploit.

Your point, in general, is well taken, but the ideal solution is not
obvious to me.

Charles

-- 
If you have
A double chin
You've two
Good reasons
To begin using
Burma-Shave
http://burma-shave.org/jingles/1938/if_you_have
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-awstats-devel/attachments/20070113/4b364e46/attachment.pgp


More information about the Pkg-awstats-devel mailing list