That's not entirely true - see the 'setuid installation' section of
the manpage. If you've ever needed to trace a setuid program, it's
obvious why this feature exists. The manpage does give a clear
explanation of the security implications, so the 'bug' is still an
installation error.
Peter
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/