Re: [SM-USERS] Why is the group SUID bit set on 1.4.2?

Chris Hilts Mon, 05 Jan 2004 20:13:19 -0800

>> This would appear to be a security risk. I don't see any reason for
>> it and 1.4.1 didn't have this set.
>
>> Is this required, or was someone being naughty?
>
>   You failed to mention how you installed SM. All my files pulled
>   directly from CVS are not SUID. So I'm guessing it might be the way
>   it's packaged.


PHP files are not executable, so setuid is meaningless anyway.  What files
are you finding setuid?  You just said 1.4.2.  You mean all the files?

-- 
Chris Hilts
[EMAIL PROTECTED]


-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78&alloc_id371&op=click
--
squirrelmail-users mailing list
List Address: [EMAIL PROTECTED]
List Archives:  http://sourceforge.net/mailarchive/forum.php?forum_id)95
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users

Re: [SM-USERS] Why is the group SUID bit set on 1.4.2?

Reply via email to