that is the answer, the script is indeed setuid, I'll check that.
thanks
Hotshot | [reply] |
Ofcourse un-setuid'ing the script wont fix any security holes you might have. Closing a file that's not open is probably not a very smart thing. Many brothers here think it would be wise to keep taint checking on and just secure your code a bit. See perlsec for some more hints.
Greetz
Beatnik
... Quidquid perl dictum sit, altum viditur.
| [reply] |