On Wed, 6 Sep 2000, R. W. Rodolico wrote:
> mv /etc/init.d/mysql /etc/init.d/mysql.original
> echo #! /bin/bash > /etc/init.d/mysql
> chmod 777 /etc/init.d/mysql
Ouch, I hope you mean 755 or at least 775. Permissions 777 would allow any
user to write to the file. A user could simply watch for the creation of
such a file and modify it before you run the script - this is an easily
exploitable security hole.
-chet
-----
yet he has sorcery
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]