> > > Just to show exactly HOW stupid this whole discussion is, here's inane
> > > argument #1: "The suid/sgid bits are the main source of security holes, so
> > > why don't we disable those altogether, and then we'll have a secure
> > > system".
> >
> > Hey, thats a good idea!
>
> Hey, yeah! Even better...somewhere in the ELF loader, add a patch that
> parses suid binaries and makes sure they don't have any buffer overflow
> bugs or erratic chroot/chdir behaviors or unintended file overwrites or...
Hahaha... Well on a more rational note, what I meant is it would be nice
if some of the programs that need to be suid root to do menial tasks like
access the video card could perform these functions through the kernel
instead of having to deal with the hardware themselves... Yeah yeah, i
know, kernel bloat... but isnt the kernel supposed to provide the
interface between the application and the hardware? GGE (isnt that what
the kernel video driver is called?) seems like a good idea to me... Also I
think I saw somewhere something about a user level interface through the
kernel for sending out pings...
Well anyway, just an idea... It seems a bit crazy that a lot of programs
that dont really need the full privileges of root are sitting around
waiting to be exploited by the first hacker that walks along..
-Vermont