vulnerability of Linux

Steffen Kluge kluge at
Thu Dec 1 03:46:19 UTC 2005

On Thu, 2005-12-01 at 00:06 +0800, John Summerfied wrote:
> >>I had some difficulty accessing material outside of /var/www as user 
> >>Apache, on WBEL.
> > 
> > Maybe exploiting the hypothetical kernel bug doesn't require access to
> > anything particular in the filesystem...
> It's pretty hard to do anything local without access to the local 
> filesystem:-)

User apache does have access to the local filesystem, just not outside
the jail. However, file access helps but isn't necessarily required to
exploit bugs in the kernel. There are plenty of callable kernel routines
that have nothing to do with file i/o.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the fedora-list mailing list