Author: Dominic Cleal Date: To: Hampshire LUG Discussion List Subject: Re: [Hampshire] Running a script that needs to do a rooty thing
On 26/11/10 21:43, Dominic Cleal wrote: > It'd be difficult to write a setuid script securely as environment
> variables (e.g. PATH, LD_LIBRARY_PATH) could be used to make the script
> run all sorts of things the author didn't intend.
Small correction: apparently LD_* type variables are ignored on setuid
binaries anyway, or you'd have the same issues... dangerous stuff anyway :-)
