Well, now that I've been trounced upon by several of you folks, ;-) I realize that that by 'fixing the kernel' I was (mistakenly) assuming that what was meant was 'disable set-uid interpreter scripts'. It was disabling them entirely that I disagree with. Yes, I am aware of the race condition with such scripts, and agree that it needs to be solved before such scripts have any hope of being considered 'safe'. My apologies for spouting off so quickly. I still would prefer that the set-uid mechanism be made to work reliably, rather than merely disabling it because it's unsafe in its current incarnation, and yes, I agree that some of the changes must be made in the kernel. While we're on the subject: What should happen if you have a set-uid interpreter script and the interpreter it invokes is also set-uid to a different uid? This is a philosophical point, so I suppose the discussion should be moved to some other list or newsgroup. ----- Fred Blonder fred@nasirc.hq.nasa.gov Hughes STX Corp. (301) 441-4079 7701 Greenbelt Rd. Greenbelt, Md. 20770