From owner-freebsd-hackers  Mon Oct 23 19:37:11 1995
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id TAA23811
          for hackers-outgoing; Mon, 23 Oct 1995 19:37:11 -0700
Received: from rocky.sri.MT.net (sri.MT.net [204.94.231.129])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id TAA23800
          for <freebsd-hackers@freebsd.org>; Mon, 23 Oct 1995 19:37:03 -0700
Received: (from nate@localhost) by rocky.sri.MT.net (8.6.12/8.6.12) id UAA24582; Mon, 23 Oct 1995 20:39:09 -0600
Date: Mon, 23 Oct 1995 20:39:09 -0600
From: Nate Williams <nate@rocky.sri.MT.net>
Message-Id: <199510240239.UAA24582@rocky.sri.MT.net>
To: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=
    (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su>
Cc: davidg@Root.COM, Nate Williams <nate@rocky.sri.MT.net>,
        ache@freefall.freebsd.org, freebsd-hackers@freebsd.org,
        John Polstra <jdp@polstra.com>
Subject: Re: ld.so, LD_NOSTD_PATH, and suid/sgid programs
In-Reply-To: <EasY4ZmaY2@ache.dialup.demos.ru>
References: <199510240141.SAA00275@corbin.Root.COM>
	<FaLS4ZmKU1@ache.dialup.demos.ru>
	<EasY4ZmaY2@ache.dialup.demos.ru>
Sender: owner-hackers@freebsd.org
Precedence: bulk

> >If we try to plug all potential holes that we find, even small ones,
> >probability of security violation becomes reduced. I don't plan to dam whole
> >river, just plug in small leak reducing leaks number at whole.
> 
> BTW, why you stuck on "shell scripts" only? The same hole can hits
> when commands entered by hand, see my example.

Let's see your example.  You haven't provided one.


Nate