[896] in linux-security and linux-alert archive
Re: [linux-security] joy
daemon@ATHENA.MIT.EDU (Gregory Massel)
Fri Jul 12 11:33:39 1996
Date: Thu, 11 Jul 1996 01:48:05 +0200 (GMT+0200)
From: Gregory Massel <greg@csurf.co.za>
To: Uri Blumenthal <uri@watson.ibm.com>
cc: Jordy <jordy@thirdwave.net>, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <9607101736.AA20976@hawpub.watson.ibm.com>
On Wed, 10 Jul 1996, Uri Blumenthal wrote:
> > never run a shell script from a setuid program
>
> Oh, there still are those who do? What's their IP addresses? (:-)
Forgive me if I'm wrong here, but aren't there cases where this is
needed? An example is the /etc/ppp/ip-up script that is run by pppd.
Such a script must be run setuid root so that you can use it to add
routes etc.
Regards
Greg
-------------- Gregory Massel --------------
CyberSurf Technologies cc
E-Mail: greg@csurf.co.za
Tel: +27 31 207-3034 Fax: +27 31 29-4709
After hours, Tel: +27 31 81-4273
--------------------------------------------