In <94Aug9.094422edt.11795@cannon.ecf.toronto.edu> you write: I am cc'ing this update to several mailing lists the advisory has been forwarded to since last week. Steve Kotsopoulos <steve@ecf.toronto.edu> wrote: >I'm not sure what the vulnerability is, since the sgihelp.books.ViewerHelp >system doesn't seem to contain anything but data files with normal >permissions (no setuid programs). > >How can the removal of this subsystem affect security? >Was there a typo in the advisory, perhaps? Lots of the setuid GUI admin programs lurking around the system invoke it to provide help. It has a print menu with a "pipe to command" option. 'nuff said. Marc