Good Morning, After playing with the race condition this morning, I honestly don't see how the patch made it worse. (Unless I've got the scripts backwards.) The first exploit allowed you to create or append to any file. The second exploit only allows you to create any file. Yeah, it probably makes people feel more secure, but it's silly if they feel safe. So, after the patch, you can atleast not append to /etc/passwd or whatever. As well, it seems that if there is an alias for the 0 UID user, the problem doesn't exist. (Atleast I didn't see an option for not doing an alias with binmail. I could be wrong.) As well, even if you could write to /etc/passwd (/etc/shadow) it doesn't parse past bogus lines. (ie. the mail headers) Please let me know if I'm wrong in any of these statements. Ciao, -- Richard Bainter Mundanely | System Analyst - OMG/CSD Pug Generally | Applied Research Labs - U.Texas pug@arlut.utexas.edu | pug@bga.com Note: The views may not reflect my employers, or even my own for that matter.