mailing list archives
Re: simple kde exploit fix
From: aj () DUNGEON INKA DE (Andreas Jellinghaus)
Date: Mon, 18 May 1998 20:59:24 +0200
the kde packages done by debian were affected by the kde exploit this way:
they were not setuid root, but setgid shadow. so it could be possible to read
/etc/shadow, but not get root rights.