Xref: utzoo news.admin:4083 news.sysadmin:1693 comp.mail.uucp:2361
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!uflorida!novavax!proxftl!twwells!bill
From: bill@twwells.uucp (T. William Wells)
Newsgroups: news.admin,news.sysadmin,comp.mail.uucp
Subject: Re: Dangerous hole in Usenet!
Message-ID: <215@twwells.uucp>
Date: 27 Nov 88 08:28:19 GMT
References: <1971@van-bc.UUCP> <572@comdesign.CDI.COM> <5517@medusa.cs.purdue.edu> <561@redsox.UUCP>
Reply-To: bill@twwells.UUCP (T. William Wells)
Organization: None, Ft. Lauderdale
Lines: 13

In article <561@redsox.UUCP> campbell@redsox.UUCP (Larry Campbell) writes:
: What's all this about writing gobs of code to decipher some new shar format?
: Why not just chroot(2) to a safe place before feeding the article to sh?

Because you have to be superuser to chroot. I'm not about to have
chroot(1) be setuid root, so that means writing a special setuid root
program that just chroots so I can then unshar my mail maps.  And that
means having One More setuid root program running around on my system.
No thanks.

---
Bill
{uunet|novavax}!proxftl!twwells!bill