[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Password policy.

On 14/11/18 10:25 pm, Corey Manshack wrote:
> So using the file uploader tool we can inject many more dangerous scripts and codes to gain higher access than just “reading” /etc/shadow if the uploader tool is running as privileged user or we gained privilege escalation another way.

Sure, I never said it was a good example...

In any case, weak passwords as per the "recommendation" are surprising
to say the least.


Reply to: