On Mon, 17 Oct 1994, Peter Wemm wrote: > > Better still are the versions of expreserve that do a > system("mkdir ...."); > Create a file called "mkdir" and put "." in your path. > > Just out of interest, what is needed to make it safe? Is making it > non-setuid/setgid and /usr/preserve mode 1777 sufficient? > I'd think the most straightforward fix would be to replace the uses of system(...) in the source. In the example above, replace system("mkdir foo"); with mkdir("foo", 0700); (This assumes, of course, that you have sources...) -- John Abreau / Director, BCS Linux/Unix Group / jabr@bcs.org The Boston Computer Society / 101 First Avenue, Suite 2 / Waltham, MA 02154 Voice +1 617 290 5700 / Fax +1 617 290 5744