I'm thinking of enabling SUIDDIR on a web server that offers CGI -possibly even shell access if there's a difference.

This is mentioned in several man pages: "It provides security holes for shell users and as such should not be used on shell machines, especially on home directories."

With regards to creating files/etc, it mentions: "Execute bits are removed from the file, and it will not be given to root."

With that in mind, can anyone give me a specific example on how this can pose a security risk?


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to