Dave = Dave Hayes <dave@elxr.Jpl.Nasa.Gov> Dave> Does anyone have enough details on this hole to determine if the Dave> entire logging mechanism *needs* to be disabled? Some of us use Dave> Xterm logging here and I don't understand exactly what the problem is. The original xterm code used an if-else ladder with access to determine if the user has permission to write to the log file. This is an inherent race condition, since access tells you what is true for that *one* moment in time. If after access runs, and before it gets to open, you can replace the file with something else (say like a hard link to the password file), which will then chown the file. Very bad. --S