Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!uunet!bfmny0!tneff
From: tneff@bfmny0.BFM.COM (Tom Neff)
Newsgroups: comp.lang.perl
Subject: Re: Trouble with setuid
Message-ID: <15805@bfmny0.BFM.COM>
Date: 27 Aug 90 01:08:28 GMT
References: <^-i2f2.-42@smurf.sub.org> <1990Aug27.181341.425@iwarp.intel.com>
Reply-To: tneff@bfmny0.BFM.COM (Tom Neff)
Lines: 14

In article <1990Aug27.181341.425@iwarp.intel.com> merlyn@iwarp.intel.com (Randal Schwartz) writes:
>Good for it.  It's working properly.  Suid scripts are a dangerous
>security hole.  Don't use'em.  If you haven't disabled setuid scripts
>on your system, do that.  Then, put a little C program wrapper around
>your script with the following program ...

Could someone explain to my dimwitted satisfaction how the security
weakness of setuid scripts is corrected by simply exec'ing the scripts
from a setuid wrapper??

-- 
"Don Mattingly is a superstar, so I can justify  \)(/  Tom Neff
that salary." -- George Steinbrenner, after      >()<  tneff@bfmny0.BFM.COM
signing him for $19.6 million over 5 years.      /)(\  uunet!bfmny0!tneff