> um ... doesn't that make it a *remote* privilege escalation ? in a certain way... you're right... although that requires the user complicity, strictly speaking, you're right. The guy who would manage to remotely root a box with that vulnerability would be really good. The real serious risk is local only. (think about all that unpatched linux boxes in the universities...) Cheers, -- Raphaël Marichez aka Falco
Attachment:
pgphEpAS0Jy9p.pgp
Description: PGP signature