[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Re: [ot] how to create a user that can't log in?

also sprach Phillip Hofmeister <plhofmei@svsu.edu> [2002.01.21.1511 +0100]:
> Please, everyone flame me if this is a blatant security hole....

consider yourself flamed.

> Make your [setuid] shell script secure, non-interuptable....

good luck. there is *a lot* of insecurity in a shell script. you have to
be quite an expert to write them secure. and most of the flaws are not
at all readily apparent...

don't run shellscripts setuid or setgid.

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
stay the patient course.
of little worth is your ire.
the network is down.

Attachment: pgprTSC4OEGwz.pgp
Description: PGP signature

Reply to: