From: Sam Varshavchik <[EMAIL PROTECTED]> Chris Berry writes:Isnt' setuid usually a "bad thing" as it opens up all kinds of security holes? (though from what I hear PHP isn't exactly real secure either)
[EMAIL PROTECTED] httpd]# ls -l /bin/ping -rwsr-xr-x 1 root root 35302 Jun 23 2002 /bin/ping
Quick -- get rid of 'ping'. It's a major security hole.
Hehe, ok, I get your point, though speaking of ping, most high security firewalls drop icmp responses. I'm just canvasing for opinions so don't take it personal. *grin*
I am making a point. There is nothing inherently insecure with having setuid binaries around.
-------------------------------------------------------
This SF.net email is sponsored by: Tablet PC. Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users