> On 18 Jul 2007, at 17:42, Marco van de Voort wrote: > > >> arguments like "the kernel forcing us to do so" will not help us > >> then. > > > > What is the security hole exactly? > > If you install the IDE as setuid root, then every user starting the > IDE will run the IDE as if he were root. That means he can open and > modify every single file on the system. And overwrite any binary with > an own written program by just configuring the proper exe output > directory in the IDE. > > And by using the shell functionality of the IDE, he can also open a > root shell if that's more comfortable for him than using the IDE itself.
That might indeed be slightly too much. OTOH it would make an important point :-) Seriously, in how many distro's is this "feature" active? Can it be turned off? Can we assume that desktop distro's as ubuntu aren't going to do this? _______________________________________________ fpc-devel maillist - fpc-devel@lists.freepascal.org http://lists.freepascal.org/mailman/listinfo/fpc-devel
