Subject: Re: Removing dm(1)
To: Simon Burge <simonb@telstra.com.au>
From: Jon Ribbens <jon@oaktree.co.uk>
List: current-users
Date: 11/19/1997 10:50:49

Simon Burge <simonb@telstra.com.au> wrote:
> Argh.  Not _all_ programs in /usr/games are governed by dm.  Please look
> at the following list before posting "your favorite security hole".
> 
> -r-xr-xr-x games/bin     35784 1997-11-14 01:47 ./usr/games/fortune

I just realised, I didn't make a mistake after all. 'fortune' is still
owned by games. You can still use a setuid game to become user 'games'
and replace 'fortune' with a trojan, whether or not it's setuid anything.
So 'fortune' is still "my favourite security hole" ;-).

Cheers


Jon
____
\  //    Jon Ribbens    // 100MB virtual-hosted // www.oaktree.co.uk
 \// jon@oaktree.co.uk //  web space for 99UKP //
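
Added example, not part of the original message: a small audit of the point made above, that a non-setuid program is still replaceable when it is owned by the account a setuid program runs as. It parses listing lines in the column layout quoted in the thread; the sample listing is constructed (only the fortune line comes from the message) and the other file names are hypothetical.

```python
# Constructed sample in the same layout as the line quoted in the thread.
# Only the fortune entry is from the message; the other names are hypothetical.
SAMPLE_LISTING = """\
-r-sr-xr-x games/bin     20480 1997-11-14 01:47 ./usr/games/hypothetical-setuid-game
-r-xr-xr-x games/bin     35784 1997-11-14 01:47 ./usr/games/fortune
-r-xr-xr-x root/bin      12288 1997-11-14 01:47 ./usr/games/hypothetical-root-owned
"""


def parse_entry(line):
    """Parse 'mode owner/group size date time path'; return None if malformed."""
    fields = line.split(None, 5)
    if len(fields) != 6:
        return None
    mode, owner_group, _size, _date, _time, path = fields
    if len(mode) != 10 or "/" not in owner_group:
        return None
    owner, group = owner_group.split("/", 1)
    return {"mode": mode, "owner": owner, "group": group, "path": path.strip()}


def is_setuid(mode):
    """The setuid bit shows as 's' or 'S' in the owner-execute position."""
    return mode[3] in "sS"


def replaceable_via_setuid(listing):
    """Return (path, owner, setuid_paths) for each regular, non-setuid file
    owned by a non-root account that some setuid file in the listing runs as.

    Read-only mode bits do not help here: a file's owner can chmod it
    writable, so whoever obtains that uid can change the file's contents.
    """
    entries = [e for e in map(parse_entry, listing.splitlines()) if e]
    setuid_owners = {}
    for e in entries:
        if is_setuid(e["mode"]) and e["owner"] != "root":
            setuid_owners.setdefault(e["owner"], []).append(e["path"])
    findings = []
    for e in entries:
        regular = e["mode"][0] == "-"
        if regular and not is_setuid(e["mode"]) and e["owner"] in setuid_owners:
            findings.append((e["path"], e["owner"], setuid_owners[e["owner"]]))
    return findings


if __name__ == "__main__":
    for path, owner, via in replaceable_via_setuid(SAMPLE_LISTING):
        print(f"{path}: owned by {owner}, which setuid file(s) {via} run as")
```

Files that come back from this check are the ones to re-own to root (or another account no setuid program runs as).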