Posted by: Anonymous Coward
on December 08, 2005 02:50 AM
There's a reason that setgid scripts are discouraged; unless much care is taken, they tend to let unprivilege users run arbitrary code as root. For instance, it looks to me that running
$ touch 'foo;sh'
$ du 'foo;sh' will give anyone on your system a root shell. You should untaint with greater care.
Learn about Linux
Download Linux
Get Linux help
security problem
Posted by: Anonymous Coward on December 08, 2005 02:50 AM$ touch 'foo;sh'
$ du 'foo;sh'
will give anyone on your system a root shell. You should untaint with greater care.
#