[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [oss-security] Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday

On dim., 2012-12-02 at 21:17 +0100, king cope wrote:
> My opinion is that the FILE to admin privilege elevation should be patched.
> What is the reason to have FILE and ADMIN privileges seperated when
> with this exploit
> FILE privileges equate to ALL ADMIN privileges. 

Maybe because you might not want admins to have read/write access to the
filesystem anyway?


Attachment: signature.asc
Description: This is a digitally signed message part