On Wed, 09 Jul 2008 22:02:31 +0200, Carlos E. R. wrote:
No, it prevents a program initiated by the system, a program serving some service, from accessing things it was not designed to access. And it doesn't mean the user did something wrong: it may be that a cracker found a hole and violated apache.
I see. So the system initiates programs - sometimes programs that are untrusted? Perhaps sometimes programs that are *infected* with something?
Even if an on-access-scanner scanned the apache binary chances are it wouldn't find anything wrong... because linux binaries are very diverse.
Sure, but it wouldn't be the apache binaries that were at issue. It'd be whatever it was that apache *called* that behaved badly. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org