[Full-disclosure] CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAP BC
KF (lists)
kf_lists at digitalmunition.com
Wed Feb 15 13:31:15 GMT 2006
Thats probably not a good idea...
You could end up with a situation like this:
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=324
-KF
>3. Running the JVM setuid root.
>
>
>
Full-Disclosure is hosted and sponsored by Secunia.