Subject: Re: Code-red worm (snicker snicker...)
To: Steven M. Bellovin <smb@research.att.com>
From: Brian Hechinger <wonko@arkham.ws>
List: netbsd-users
Date: 08/02/2001 14:26:23
On Thu, Aug 02, 2001 at 02:24:30PM -0400, Steven M. Bellovin wrote:
> >> if the buffer overflow allows execution of code. So just start with "#!/bin/sh"
> >> and it will run on every platform, can modify /etc/inetd.conf, HUP it, and
> >> voila, your shell on some port is open...
> >
> >you run your web server as root?  then you get what you deserve. :)
> >
> 
> It's worth noting that the effects of the current Code Red worm would 
> be identical if it were running as "www".  It spread, which requires 

if you see what i quoted, i wasn't talking about code red, i was talking about
what he said about the scripts.

-brian