Benjamin J. Weiss <mailto:[EMAIL PROTECTED]> wrote:
> > Let's say you are running two machines - a Linux box running Apache > > and a Windows box running IIS. Apache runs as an unprivileged user > > while IIS runs as root. Now, let's say an exploit comes out on the > > same day for both Apache and IIS, both allowing a full shell access > > onto the box. > > It gets worse. Under the new version of IIS that's just getting > ready to come out, IIS doesn't just run as a system service, it is > actually being made part of the Windows Server kernel! This means > that if somebody manages to hack IIS, they are immediately acting as > part of the OS. <shudder> But MS said they are going to start paying attention to security. I don't think there's anything to worry about. Just kidding. Chris. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
