On Sun, Oct 03, 1999 at 10:06:02AM -0400, Daniel Burrows wrote: > [ as I understand it, a security 'breach' could only occur with this > system if a user had execute permissions but *not* read permissions > on a file that wasn't of a normal executable format; in other words: > rwx--x--x /usr/bin/haha-you-cant-run-me.exe or if the user normally > didn't have permissions to run the interpreter but had enough > permissions to execute files of that type. Both of these seem to me to > be unusual cases, but who knows? :) ]
Or if the interpreter was setuid or setgid. -- Raul