On Tue, 2003-10-21 at 12:03, Bijan Soleymani wrote: [...] > For example imagine you make "cat" suid... > > Then someone can do: > cat /bin/rm /bin/cat > cat -rf /
This would just output both /bin/rm and /bin/cat to your screen... if you were to "cat /bin/rm > /bin/cat" you would get [EMAIL PROTECTED]:~$ cat /bin/rm > /bin/cat bash: /bin/cat: Permission denied because piping is done by the shell, not cat. I'm not arguing that this is not unsafe, just that your particular example is incorrect ;-) -Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
