[EMAIL PROTECTED] writes:
> I'll offer that an SUID program is NOT inherently dangerous. ping is a
> fairly small, uncomplicated program that should, in theory, be easy to
> secure from stack smashes and other such nonsense. A well-designed SUID
> program is not a danger. If it were, all processes run as root would be
> inherently dangerous, and you could never manage your system.
All processes run as root *are* inherently potentially dangerous.
The fact that this potential is usually not realized is the only reason we
can manage our systems.
> Despite this, and as much as I respect Linus, I think the non-executable
> stack patch should be incorporated into the kernel proper. His argument
> is something like "adding it is like inviting people to write bad
> code, and leaving it out encourages better code."
I agree wholeheartedly, but in addition, I believe a non-executable stack
is cleaner conceptually. Execute code; don't execute data. Simple.
Executing data = inviting people to write bad code.
Bob Sparks
Linux guru wannabe