INFO-UNIX Digest V8#100
danl at midget.towson.edu
danl at midget.towson.edu
Tue Oct 24 15:19:35 AEST 1989
Chris Torek <chris at mimsy.umd.edu> writes:
>On all of the BSD derivatives on which setuid scripts run setuid,
>all such setuid scripts are not secure.
Ok Chris, so I could be wrong (it certainly wouldn't be the first time),
but please explain why. How are they not secure (with proper planning)?
And how are they any more secure if they are first run from a C program
which exec's the shell?
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dan Gosner Internet: danl at midget.towson.edu
Operations Manager DGosner at TOE.TOWSON.EDU
Towson State University Bitnet: DGosner at TOWSONVX
Academic Computing
Towson, Maryland 21204
%% VMS pays the bills, but Unix is where my real work gets done. %%
***************************************************************************
More information about the Comp.unix.questions
mailing list