On Mon, 4 Oct 2004, Martin Schulze wrote: > There are reasons users install it setuid / setgid, and these installations > are vulnerable.
I disagree. There is absolutely *no* reason to install rp-pppoe setuid-root. It is normally invoked by pppd, and pppd must be either invoked by root or setuid-root itself. Could you name a scenario in which a setuid-root rp-pppoe is needed? Regards, David. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
