* James Morris: > If you're depending on the script interpreter to flag that the user may > execute code, this seems to be equivalent in security terms to depending > on the user. e.g. what if the user uses ptrace and clears O_MAYEXEC? The argument I've heard is this: Using ptrace (and adding the +x attribute) are auditable events. Florian
