-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tuesday, March 11, 2003, at 01:36 AM, Ryan Thompson wrote:
When one does not know Perl, one uses C programs, I suppose. They are real binaries, and can be suid. It works.
Just mind your security...
:-) I'll second that. I'm just shuddering at the thought a production server somewhere with a whole platoon of 10- or 20-line quickly hacked and poorly maintained C programs, all suid root. Not saying that shell scripts can't be quickly hacked or poorly maintained either, but at least their correctness is typically a little easier to verify, and you don't normally have to worry about unfortunate things like buffer overflows.
I'd also like to remind the original poster about the security risks associated with suid binaries. There are many subtle ways in which suid binaries can bite one in the ass... especially where other local users are present.
Is just learning Perl an option here? Perl scripts aren't binaries - to my understanding at least. Will they also be denied by the OS? If Perl will solve the problem, I'll just learn it sooner than I had planned :-)
Thanks for all your help!
Paul D. Lathrop -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (Darwin)
iD8DBQE+bYaWlos2supvBQwRAgxhAJwOvyqtUgrkdVc6AQ6LYNQAf11VDgCdGQbW aVPiBgV0+6AsQzzJf+kjUqM= =qXzM -----END PGP SIGNATURE-----
To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
