hazards of linking directories
jbn
jbn at wdl1.UUCP
Sat Oct 6 11:25:31 AEST 1984
This is a strong argument against running utilities such as the
line printer spooler as ``setuid to root''. Such programs should
open the file of interest while running as the requestor and then
exec a second program which is set-uid to a service user id which owns
the spooling directory, after which a copy can be performed. This
is a little more complex but much safer.
More information about the Comp.unix.wizards
mailing list