On Wed, 2 Nov 1994, Perry E. Metzger wrote: > Charles Howes says: > > > Our copy of ping is installed setuid root; ... > > > > So you mean that any student at princeton can panic any Sun there just by > > typing that command? Cool... > > There are already so many ways to panic suns from userland... Yes, I've found one that's rather easy: Sign on twice. Transcript one: cd /tmp mkdir foo cd foo (*) mkdir bar Transcript two: (Executed at '*' in transcript one) cd /tmp rmdir foo I don't think you can remove the 'mkdir' part of the kernel without causing some major problems. -- Charles Howes -- chowes@helix.net Always tell the truth, then you make it the other bloke's problem! - Sean Connery, 1971