> >> Could someone point me to a page that gives information about all the >> pitfalls that are "available" when running a Perl or CGI script with the >> suid bit set? >
<snip - the expected stuff> :) > If you really need setuid processes - then one of the > principle tricks remains to have them 'spawned' from a > nice harder to hack piece of compiled 'c' code. So, basically, call a compiled c-code from my Perl-script, and have the compiled c-code start the suid process? [localhost:~/pictures] tor% cc cc: No input files [localhost:~/pictures] tor% c++ c++: No input files Ah :) Now I only need to learn how to program either C or C++ :) The WWW security faq had an example, I'll work from that. Thanks :) Tor -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]