Path: utzoo!utgpu!attcan!uunet!lll-winken!lll-tis!ames!ncar!oddjob!uxc!uxc.cso.uiuc.edu!uicsrd.csrd.uiuc.edu!kai
From: kai@uicsrd.csrd.uiuc.edu
Newsgroups: comp.unix.wizards
Subject: show me
Message-ID: <43200021@uicsrd.csrd.uiuc.edu>
Date: 28 Jul 88 01:53:00 GMT
Lines: 13
Nf-ID: #N:uicsrd.csrd.uiuc.edu:43200021:000:427
Nf-From: uicsrd.csrd.uiuc.edu!kai    Jul 27 20:53:00 1988


I've seen talk about how unsafe setuid shell scripts are, but haven't ever
seen any examples that prove this.  Would someone please explain to me know
why, as a system administrator, I shouldn't ever use setuid/setgid shell
scripts?

Are these problems specific to particular versions of UNIX, or particular
shell types (sh, csh, ksh, perl) or version of those shells?

	Thanks,

	Patrick Wolfe
	pwolfe@kai.com
	kailand!pwolfe