|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Filipe Almeida (filipe
rnl.ist.utl.pt)Date: Sun Jun 23 2002 - 10:07:04 CDT
Well... Seems I rushed the mail out.
You can kill the httpd childs but you can't ptrace them because the processes
are not dumpable.
At 10:13 23-06-2002 -0400, Michal Zalewski wrote:
>On Sun, 23 Jun 2002, Filipe Jorge Marques de Almeida wrote:
>Not exactly. You are having access to the httpd child process, not a
>spawned CGI script. This means that you control some interesting goods,
>such as file descriptors, or... oh well, the child process itself. Think
>about serving spoofed contents to all requests? Besides, suexec is pretty
>popular nowadays.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]