"In the previous message, Charles Howes said..." > > > ObBug: The shell escape from 'crash' on SunOS... file descriptors are > left open to /dev/kmem and /dev/mem, among other things. > > % crash > dumpfile = /dev/mem, .... > > !/bin/sh > % strings <&9 >/tmp/out & > % id > .... egid=2(kmem) .... > > Ooops. I understated the problem. Yeh. Regarding fixes, I checked - the shell script available from Sun as a patch to fix the FCS permissions does fix the permissions on crash so only root can run it. I checked my machine, and it was not world executable (or anything). I had run that fixit script some time ago. It is DEFINITELY a good thing to run, and then you can follow up and fix stuff like newsyslog (which it doesn't fix). The thing is designed so one can add any files to a list built in, with fields for perms, type, owner, group, the whole thing. In fact, I have been playing catch-up and any file I alter the perms on to lock things down, I add to the thing, so on a new install, I only need to run it. There is a BUNCH of stuff owned by bin (/etc, /dev, most of the system subdirs) that are changed to root by the script - a must do on a box that exports stuff via NFS. It handles files that don't happen to be there (like one did not install all the options) gracefully and silently. I forget the patch number, but its a real low one, and I feel is a 'must have' - or at least something like it. -- pat@rwing [If all fails, try: rwing!pat@eskimo.com] Pat Myrto - Seattle WA "No one has the right to destroy another person's belief by demanding empirical evidence." -- Ann Landers, nationally syndicated advice columnist and Director at Handgun Control Inc.