[Linux-disciples] Setuid/setgid
Stephen R Laniel
steve at laniels.org
Sat Nov 19 23:22:58 EST 2005
When people warn against running programs setuid/setgid --
such as <http://www.gtk.org/setuid.html> -- are they warning
against setting that bit at all, or specifically warning
against setuid root? Because isn't it the case that running
setuid with a 'nobody'-type user is actually *more* secure?
--
Stephen R. Laniel
steve at laniels.org
+(617) 308-5571
http://laniels.org/
PGP key: http://laniels.org/slaniel.key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.bostoncoop.net/pipermail/linux-disciples/attachments/20051119/04aae98e/attachment.pgp
More information about the Linux-disciples
mailing list