Am 21.08.2009 um 23:24 schrieb R P Herrold: > On Fri, 21 Aug 2009, Gregory P. Ennis wrote: > >> place. I looked like the hacker downloaded his paypal spoof files >> into >> a subdirectory of /var/www/phpmyadmin >> >> I am running 5.3 with all current updates. > > and third party software as well. > > We do not ship phpmyadmin, and clearly and repeatedly caution > against it in the IRC channel -- its CVE history is > appalling, and people are just not willing to remove it, or > limit it to just a specific IP (not that I expect its ACL > model to work either) Is there an alternative? I do think that it's the Internet Explorer of OSS. The General Public loves it, the admins hate it - but use it nevertheless.... Because there's no alternative. Rainer