On Tue, 21 Oct 2003 18:20:22 +0200, Bijan Soleymani wrote: > On Tue, Oct 21, 2003 at 11:34:52AM -0400, Roberto Sanchez wrote: > For example imagine you make "cat" suid... > > Then someone can do: > cat /bin/rm /bin/cat
Interesting attack in theory, but it doesn't work. the correct command is cat /bin/rm > /bin/cat and when you run that command, the pipe is handled by the unprivileged shell. > cat -rf / -- I usually have a GPG digital signature included as an attachment. See http://www.gnupg.org/ for info about these digital signatures. My key was last signed 10/14/2003. If you use GPG *please* see me about signing the key. ***** My computer can't give you viruses by email. *** -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
