danl@midget.towson.edu (10/24/89)
Chris Torek <chris@mimsy.umd.edu> writes: >On all of the BSD derivatives on which setuid scripts run setuid, >all such setuid scripts are not secure. Ok Chris, so I could be wrong (it certainly wouldn't be the first time), but please explain why. How are they not secure (with proper planning)? And how are they any more secure if they are first run from a C program which exec's the shell? +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Dan Gosner Internet: danl@midget.towson.edu Operations Manager DGosner@TOE.TOWSON.EDU Towson State University Bitnet: DGosner@TOWSONVX Academic Computing Towson, Maryland 21204 %% VMS pays the bills, but Unix is where my real work gets done. %% ***************************************************************************