On Tue, 25 Mar 1997, Raul Miller wrote:
> Jon Lewis:
> > > has a suid copy of his own to exploit...unless you chmoded the old
> > > one before rm'ing it.
>
> Having had sendmail installed on your system could result in suid
> binaries via a variety of paths. I expect to be seeing CERT
> advisories on sendmail into the next millennia.
>
> If you're concerned about such things, you might want to keep an eye
> on the list of suid programs. Presto, no kernel changes needed, no
> need to break any standards, etc.
>
> find `grep ^/ /etc/mtab | awk '{print $2}'` -mount -type f -perm +4000
>
> --
> Raul
>
>