Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!utcsrgv!garfield!andrew From: andrew@garfield.UUCP (Andrew Draskoy) Newsgroups: net.unix-wizards Subject: Re: TIOCDTR (bug | feature) Message-ID: <433@garfield.UUCP> Date: Sat, 2-Jul-83 01:31:55 EDT Article-I.D.: garfield.433 Posted: Sat Jul 2 01:31:55 1983 Date-Received: Sat, 2-Jul-83 23:06:09 EDT Lines: 9 If you change write to be set-uid root, you must add in two things: One is a setuid(geteuid()) before the exec for a shell escape. almost as important, but less obvious, is that you must scrutinize the optional ttyname arguement to prevent things like write user ../etc/passwd This would of course be disasterous...