Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack bas
--=-lPBxV1ojDQKT/D7di5xv
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On dim., 2012-12-02 at 21:17 +0100, king cope wrote:
> My opinion is that the FILE to admin privilege elevation should be patche=
d.
> What is the reason to have FILE and ADMIN privileges seperated when
> with this exploit
> FILE privileges equate to ALL ADMIN privileges.=20
Maybe because you might not want admins to have read/write access to the
filesystem anyway?
Regards,
--=20
Yves-Alexis
--=-lPBxV1ojDQKT/D7di5xv
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iQEcBAABCAAGBQJQu7kMAAoJEG3bU/KmdcClAN4IAJ8JX5GJPN1E4S0oubhMkB5O
IyKVfgHzD446qwpLBlhbQBXWZU3ZLsG2jm7BXWq+8kRiFBKATt3Ank9R1aSBOiN6
DqRqRCNR/9DYW9OcB0EhSv7StZ/+kwfbwadFo4+Pf9B9yItSejHUf9Li0rLBnF7J
7rzFjnggSBsSAMzCMUODL+BIPRrF/M5VQMuvn4vGXQeZYDAoVEIGPfnnHLjZmfFK
t9UtplcaOcP2BsdUUxH4GFw3scES+smhZDOYkbWChHWB0T5trfhQI6bGMg+PLuaO
eQgKnfcBE+n581ZptGkLs+ijSc793u474SWntpSC8GPQLWVfy8o68BFekvNYomc=
=Mm6u
-----END PGP SIGNATURE-----
--=-lPBxV1ojDQKT/D7di5xv--
討論串 (同標題文章)
完整討論串 (本文為第 6 之 6 篇):