Subject: Re: Removing dm(1)
To: Scott Reynolds <>
From: Curt Sampson <>
List: current-users
Date: 11/18/1997 12:17:11
On Tue, 18 Nov 1997, Scott Reynolds wrote:

> > The security issue is worth looking at - would it be easier to just make
> > the games that need to do this setuid games, and remove dm, so that
> > games that aren't playing with score lists are safer?
> easier?  probably not much, as many of them still need a security sweep
> anyway.

Why does a non-suid program need a security sweep anyway?

> there is at least one security issue existing in the current code.  i
> invite y'all to come up with an alternative to running dm(8) setuid,
> but retain its function.

I understand that you have already come up with such a scheme; why
don't you spell it out? Or are you trying to protract this


Curt Sampson	   Info at
Internet Portal Services, Inc.	   Through infinite myst, software reverberates
Vancouver, BC  (604) 257-9400	   In code possess'd of invisible folly.