> > Less secure would be to do the same thing with a setuid shell > > script. > > It's my understanding that shell scripts will not work suid. (I did try > that out before turning to C, it never worked, and I seem to remember > seeing an explanation of why it doesn't work somewhere...) CCMIW
For the record, linux will *NOT* honor the setuid bit on shell scripts...there's just no practical way to make them secure. Also on the security front, I would strongly suggest directly modifying the desired /proc flag with the C code, rather than calling any sort of shell script. There are too many ways to manipulate the shell if you're not careful, and while you probably don't have to worry about a lot of these problems on LEAF (which typically isn't setup with user accounts), I never like taking shortcuts with security...it's too easy to build bad habits and forget yourself when it really *DOES* matter. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ------------------------------------------------------- This sf.net email is sponsored by: Influence the future of Java(TM) technology. Join the Java Community Process(SM) (JCP(SM)) program now. http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0002en _______________________________________________ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
