Perry E. Metzger wrote:
||
|| Michael Neuman says:
|| >
|| > Huh? You go ahead and believe that. Personally, I can think of all sorts
|| > of security flaws at the kernel level that have NOTHING to do with setuid
|| > programs.
||
|| Name a couple for us then. I personally have seen only one security
|| hole in a kernel in the past several years -- the division bug under
|| older SunOS. Virtually every alert is related to a program that's
|| setuid root, or that is needlessly running with root privileges (like
|| sendmail).

Well there are certainly configuration problems that can break security
that do not involve setuid. General write (or even read) permissions
on /dev/mem or /dev/kmem is one example. Write permission on /etc/passwd
amongst many important files and directories is another.

--
That is 27 years ago, or about half an eternity in | John Macdonald
computer years. - Alan Tibbetts                    | jmm@Elegant.COM
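
The configuration problems named in the reply above, written as a permission audit. This is an added example, not part of the original message; the function names and the optional root-prefix argument (used to point the check at a constructed test tree) are assumptions, and including the /etc directory itself is one reading of "important files and directories".

```shell
#!/bin/sh
# Added example: flag the permission mistakes described in the post.
# All names here (has_perm, check, audit_perms, the ROOT prefix) are
# hypothetical helpers, not taken from the original message.

# has_perm PATH MODE: succeeds if PATH exists and has every bit in MODE set.
# -L follows symlinks so the target's mode is tested; -prune stops descent.
has_perm() {
    [ -n "$(find -L "$1" -prune -perm "-$2" -print 2>/dev/null)" ]
}

# check ROOT PATH MODE LABEL: print a finding and count it if the bit is set.
check() {
    if has_perm "$1$2" "$3"; then
        echo "$4 $2"
        findings=$((findings + 1))
    fi
}

# audit_perms [ROOT]: one finding per line; returns non-zero if any were found.
audit_perms() {
    root="${1:-}"
    findings=0

    # Kernel memory devices: "general write (or even read)" access exposes
    # or allows modification of kernel and process memory.
    for f in /dev/mem /dev/kmem; do
        check "$root" "$f" 0002 "WORLD-WRITABLE"
        check "$root" "$f" 0004 "WORLD-READABLE"
    done

    # Account database and its directory: world write access lets any user
    # add or alter accounts (a writable directory allows replacing the file).
    for f in /etc/passwd /etc; do
        check "$root" "$f" 0002 "WORLD-WRITABLE"
    done

    [ "$findings" -eq 0 ]
}
```

Called with no argument, `audit_perms` checks the live system; paths that do not exist (for example /dev/kmem on many modern systems) are skipped silently.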