From: utzoo!decvax!harpo!duke!trt Newsgroups: net.games.emp Title: Re: sri-unix.1410: redirection to file Article-I.D.: duke.2136 Posted: Thu May 13 12:30:33 1982 Received: Fri May 14 03:47:14 1982 Opening a restricted file as the SUID, then reverting to the RUID is still a security hole if the open file descriptor is available to a RUID-specifiable program (e.g. a shell escape). Steve Bellovin long ago pointed out that: fd = open(SECRETFILE, 2); if (fd < 0) could not open... ioctl(fd, FIOCLEX, NULL); is a wise way to open such files. Tom Truscott