At 10:53 PM +0800 2005-04-28, Robin L Darroch wrote:
I know this is going a bit off-topic, but I'm curious to know why the SETUID bit is - in and of itself - a serious security risk.
Surely as long as the process in question is appropriately secure,
Looking at it a different way, how do "modern Unix systems" enable an ordinary user to achieve anything that would need admin permissions along the way?
-- Brad Knowles, <brad@xxxxxxxxxxxxxxxxxxx>
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.