Comment 1 for bug 129920
Revision history for this message
| Ante Karamatić (ivoks) wrote Re: [Bug 129920] Re: /var/lock/apache2 has wrong owner and group for webdav | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Christian Riesch wrote:
> Is it a good idea to fix it like this?
Without looking at the code - *no*. This will enable exploit in web
application to corrupt locking mechanism. For the same reason, web pages
aren't owned by www-data.
I'll take a look at this...