> P> Did you happen to install the following, in particular 101436-02? > P> Solaris 1.1.1 Patches Containing Security Fixes: > P> ------------------------------------------------ > P> 101436-02 SunOS 4.1.3_U1: bin/mail jumbo patch > This is the patch which made the race condition *easier* to exploit > than it was in the unpatched version. Yes, and after getting another copy of the exploit script, it's been pointed out that the race condition can write to ANY file. Btw, does anyone know if there is a similar race condition on Solaris 2.x? Ciao, -- Richard Bainter Mundanely | System Analyst - OMG/CSD Pug Generally | Applied Research Labs - U.Texas pug@arlut.utexas.edu | pug@bga.com Note: The views may not reflect my employers, or even my own for that matter.