|
|
|
|
|
|
by bjackman
44 days ago
|
|
|
Yes but what I'm saying is that copy.fail is a minor detail in this scenario. If you are running Ninja Forums you need to run it in its own VM so that if it gets compromised _you don't care if it has uid=0_. You need to do that regardless of copy.fail. Now that you've patched copy.fail, there are loads and loads of other vulns that can be used the same way. |
|
|