Re: install screensaver with setuid root

[Rob Mahurin <robm@mad.scientist.com>]

On Sat, May 05, 2001 at 08:33:38PM +0200, Alex Suzuki wrote:
> On Sat, May 05, 2001 at 12:42:36PM -0500, John Hasler wrote:
> > Even if the application itself is free of buffer overflows and such you
> > would be granting root access to wads of unaudited and buggy library code.
> 
> yeah, I guess you're right... too bad I love that screensaver :)

You should probably file a bug on the package, if it's not useable
without introducing a security risk.  Perhaps someone more familiar
with the code could seperate out the part that needs special
privileges into a seperate setuid program.

Rob

-- 
Subtlety is the art of saying what you think and getting out of the way
before it is understood.