Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!watmath!clyde!bonnie!akgua!mcnc!decvax!decwrl!amd!fortune!wdl1!jbn From: jbn@wdl1.UUCP (jbn ) Newsgroups: net.unix-wizards Subject: Re: hazards of linking directories Message-ID: <466@wdl1.UUCP> Date: Fri, 5-Oct-84 21:25:31 EDT Article-I.D.: wdl1.466 Posted: Fri Oct 5 21:25:31 1984 Date-Received: Sun, 7-Oct-84 09:12:34 EDT Lines: 7 Nf-ID: #R:masscomp:-4900:wdl1:17100014:000:381 Nf-From: wdl1!jbn Oct 5 12:58:00 1984 This is a strong argument against running utilities such as the line printer spooler as ``setuid to root''. Such programs should open the file of interest while running as the requestor and then exec a second program which is set-uid to a service user id which owns the spooling directory, after which a copy can be performed. This is a little more complex but much safer.