also sprach Phillip Hofmeister <plhofmei@svsu.edu> [2002.01.21.1511 +0100]: > Please, everyone flame me if this is a blatant security hole.... consider yourself flamed. > Make your [setuid] shell script secure, non-interuptable.... good luck. there is *a lot* of insecurity in a shell script. you have to be quite an expert to write them secure. and most of the flaws are not at all readily apparent... don't run shellscripts setuid or setgid. -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck stay the patient course. of little worth is your ire. the network is down.
Attachment:
pgprTSC4OEGwz.pgp
Description: PGP signature