I opted for #2, since it requires no changes to existing start/stop scripts.
> 2. Enforce the sticky bit on the var directory. From Solaris' chmod(2)
> If a directory is writable and has S_ISVTX (the sticky bit)
> set, files within that directory can be removed or renamed
> only if one or more of the following is true (see unlink(2)
> and rename(2)):
> o the user owns the file
> o the user owns the directory
> o the file is writable by the user
> o the user is a privileged user
> (Privileged user means 'root'.) We only need to enforce the sticky bit
> if we start as root and are doing the requisite setuid(). My patch
> already has a test for this.
Patch is attached, against the current release. (diff -c, God bless
Matt Behrens <[EMAIL PROTECTED]>
System Analyst, Baker Furniture