Subject: Re: new rlogin security hole
To: VaX#n8 <>
From: Perry E. Metzger <>
List: current-users
Date: 08/19/1996 10:58:42
VaX#n8 writes:
> Anyone want to volunteer to help do security checks on all the
> SUID programs?  I'd at least like to document why each one has to be
> SUID (in the manpage), so you can decide if you need it SUID or not.

I'd say that an fgrep for strcpy, sprintf and a few others might get
about 90% of the bugs...