>If the exec command supports #!, and #! also works for scripts >that are setuid and/or execute only, then there is no need for >suid_exec.
It works for set-uid scripts; it does not work for execute only scripts (except those which are setuid, I think) >For execute only scripts, the exec call needs to open the >file and pass down the open file descriptor as /dev/fd/n >where n is the file descriptor. This we'd need to fix, perhaps. I don't see any sane reason for execute only scripts to normally work. (This is compounded by the fact that the kernel may not be able to determine how to open execute only scripts; but a set-uid root helper program would get into trouble even more quickly as it is certain to fail over NFS) Could ksh93 use /proc/self/path/$(basename $0) in error messages rather than /dev/fd/X? Casper
