From: utzoo!decvax!yale-com!brunix!mjb Newsgroups: net.unix-wizards Title: Re: More on SUID and exec Article-I.D.: brunix.1535 Posted: Mon Feb 14 14:23:46 1983 Received: Thu Feb 17 01:33:41 1983 References: mitccc.309,spanky.201 The problem you mention re. shell escapes is one with rogue, if it exists. After forking to exec a shell for a !, all programs should do: setuid(getuid()); setgid(getgid()); to prevent exactly what you described. (Note: I am speaking for 4.1BSD, where the '!' convention should be eliminated anyway and everyone forced to use csh and ^Z instead, but that'll never happen.) Mike Braca, ..!decvax!brunix!mjb, mjb.brown@udel-relay