Comment 3 for bug 387215

This bug has so far resulted in at least 4 exploited servers, though luckily so far apparently only by idiot script kiddies unable to get past the shell at www-data.

We have been using the mitigation of changing the permissions in the relevant place, but it would be nice not to have to do so.