source-changes: Re: sun-lamp CVS commits

Subject: Re: sun-lamp CVS commits
To: None <mycroft@gnu.ai.mit.edu>
From: Chris G. Demetriou <cgd@alpha.bostic.com>
List: source-changes
Date: 08/03/1994 15:18:13

> I don't believe this change actually fixes the problem.  It ignores the
> case of a setuid program calling a shell.

if a setuid program calls the shell, then said setuid program should
be _VERY_BLOODY_CAREFUL_ about what (i.e. args, environment, and data)
that's passed to the shell.

If the setuid program is not, then _it_ is buggy, not the shell.


chris


------------------------------------------------------------------------------