Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
----- Original Message -----
From: Andres Salomon <email@example.com>
To: Kevin <firstname.lastname@example.org>
Sent: Monday, January 08, 2001 9:37 PM
Subject: Re: 'export RESOLV_HOST_CONF= any file you want' local
> try it w/ traceroute. lotsa fun, and it works
> on mandrake, too.
> things like this make me glad i don't have to deal w/ untrusted
> customers that have shell access...
Well, there are plenty of webhosters outside, who grant cgi-bin (perl) or
php access. Executing as the webserveruser should be no different to real
but i could not verify this problem with fping on debian potato..