On Mon, 2 Dec 2002, Sven Koehler wrote: > >>Perform the following steps for each <dependent_path>: > >>$ cd <dependent_path>/pgm > >>$ cp lserversrv lserver > >>$ chown root lserver > >>$ chmod +s lserver > > Are there more informations about what lserver and lserversrv do? and > what the difference is? > > > Are these the correct instructions? You close a security hole by > > adding another setuid root program? > > I hope so. I think that lserver currently is some kind of a > "debug"-version or somethin. So this step is just like replacing the > insecure with a secure version of the program - but i'm not quite sure.
lserver was/is only a wrapper which calls lserversrv. The call of lserversrv was the security problem. CU, Wolfgang _______________________________________________ sapdb.general mailing list [EMAIL PROTECTED] http://listserv.sap.com/mailman/listinfo/sapdb.general
