Marc Herbert wrote: > If the shell was "real" programming language, then we would not have > such a massive ban on setuid scripts (I am not saying setuid is a > great feature, this is not the point here; the point is why is the > shell the only language under such a ban?)
The shell isn't the only one that introduces a security vulnerability on most systems when setuid. All interpreters are the same in that regard. On systems where you shouldn't suid scripts then you shouldn't suid any of the set of sh/perl/python/ruby scripts either. I think most people would consider at least one of those in that set a real programming language. :-) Bob
