[ On Friday, April 16, 1999 at 01:22:08 (-0700), Gandhi woulda smacked you wrote: ]
> Subject: Re: Thought for the day...
>
> I just thought that not needing to fiddle with fork/exec in order
> to achieve secure setid would be more elegant.

Well, I always thought the fork() and exec() of a set-id binary was kind
of elegant solution to the problem!  ;-)  You start a new program and
get new privileges all at the same time, while the system gets at least
some assurance that the new program is safe to run.

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>