1 |
Alerts wrote: |
2 |
|
3 |
> We have to remember why setuid exists in the |
4 |
> first place. It actually enhances security by discouraging the |
5 |
> widely lamented practice of spending too much time as root. |
6 |
|
7 |
So is sudo. Unfortunatly, setuid actually failed to enhance security. |
8 |
http://www.google.com/search?q=linux+setuid+security+hole&start=0&start=0&ie=utf-8&oe=utf-8 |
9 |
|
10 |
-- |
11 |
Grégoire Welraeds |
12 |
|
13 |
Unix System Engineer |
14 |
d'Ieteren SA |
15 |
|
16 |
Tel: +32-2-536.56.73 Fax: +32-2-538.99.57 |
17 |
|
18 |
Rue du Mail 50 |
19 |
B-1050 Brussels |
20 |
|
21 |
|
22 |
DISCLAIMER: The content of this e-mail message does not constitute a |
23 |
commitment |
24 |
of S.A. D'Ieteren N.V. This e-mail and any attachments thereto may contain |
25 |
information which is confidential and/or protected by intellectual property |
26 |
rights and are intended for the intended recipient only. Any use of the |
27 |
nformation contained herein ( including, but not limited to, total or |
28 |
partial |
29 |
reproduction, communication or distribution in any form ) by persons other |
30 |
than the designated recipient(s) is prohibited. If an addressing or |
31 |
transmission error has misdirected this e-mail, please notify the author, |
32 |
either by telephone or by e-mail and delete the material from any computer. |
33 |
|
34 |
|
35 |
-- |
36 |
gentoo-security@g.o mailing list |