Antti J HÃtinen <[EMAIL PROTECTED]> writes: > Is there a patch against this exploit?
I don't see any exploit that is related to fileutils. "rm" doesn't have setuid privileges, so whatever "rm" can do under the supposed "exploit", your C program can do anyway. It's true that you can fool "rm" into thinking that it is running as root, but you can just as easily take the source code to "rm", modify it so that the modified "rm" thinks that it is running as root, compile the modified version, and run it. Same effect. _______________________________________________ Bug-coreutils mailing list [EMAIL PROTECTED] http://lists.gnu.org/mailman/listinfo/bug-coreutils
