Hi. On Tue, 24 Dec 2013 09:59:39 +0100 Raffaele Morelli <[email protected]> wrote: > Yes, I missed this point. > > BTW, as I don't want to rewrite someone else system security rules, let's > say that: MY best practice is to have www-data or any other NON-root user > as the scripts owner.
So, basically you're allowing any php script to rewrite any php script with an arbitrary contents. An interesting policy, to say the least. Reco -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
