The documentation (7.2.1) mentions that allowing absolute paths when
creating a db is a security risk and is off by default.
However, it seems fairly hard to exploit, and I was wondering if anybody
has any examples of how much of a risk this is?
Reason I ask is we're considering turning them on in our server and want
to consider these risks.
Thank You.
--
Hadley Willan > Systems Development > Deeper Design Limited. +64(7)377-3328
hadley.willan@deeperdesign.co.nz > www.deeperdesign.com > +64(21)-28-41-463
Level 1, 4 Tamamutu St, PO Box 90, TAUPO 2730, New Zealand.