Ho appena trovato questa frase nella documentazione dei file di log di apache :
Anyone who can write to the directory where Apache is writing a log file can almost certainly gain access to the uid that the server is started as, which is normally root. Do NOT give people write access to the directory the logs are stored in without being aware of the consequences; see the security tips document for details.
Come può qualcuno abusare di questo come escalation di privilegi?