Isn't this a bit of a stretch? > Many programs that use setuid() can be exploited this way. For example, > you lose all security if you use the chdir()/setuid() mechanism > suggested by Steve Bellovin and Gene Spafford. *All* security? Maybe I'm particularly dense this evening, but I don't see how tracing execution causes you to lose "all security" unless you are defining that term very differently from the way I do. --spaf
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:28:48 PDT