Regardless of the feasibility of exploitation in Toast 7, it's still a bug. There are no guarantees that the vulnerable code will not be exposed to users with fewer privileges in a future version of the product. Making system() calls without a full path from a suid root binary is just asking for trouble. You should fix it.

Alex
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/