Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!mailrus!uflorida!haven!mimsy!chris
From: chris@mimsy.UUCP (Chris Torek)
Newsgroups: comp.unix.wizards
Subject: Re: set-id scripts
Message-ID: <14048@mimsy.UUCP>
Date: 18 Oct 88 21:56:59 GMT
References: <467@gould.doc.ic.ac.uk> <12843@ncoast.UUCP>
Organization: U of Maryland, Dept. of Computer Science, Coll. Pk., MD 20742
Lines: 8

In article <12843@ncoast.UUCP> allbery@ncoast.UUCP (Brandon S. Allbery) writes:
>... ALLOWING SETUID SHELL SCRIPTS IS A SECURITY HOLE.

Minor nit: not `allowing' but rather `having', at least in all current
implementations that allow it.
-- 
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain:	chris@mimsy.umd.edu	Path:	uunet!mimsy!chris