> >Am I missing something? This vulnerability is close to 10 years old. >It was in one of the first versions of Solaris after Sun moved off of >the SunOS BSD platform and over to SysV. It has specifically to do w= >ith >how arguments are processed via getopt() if I recall correctly. You're confused with AIX/Linux Solaris did not have the -f option in login until much later. Casper
