The following example is taken from Professional Linux issue .. and shows nicely the dangers of even very short setuid scripts. This contradicts the common advice that short setuid programs are safe, and it shows how far the programmer's view and the operating system's reality can diverge. Unix/Linux offers many chances for mistakes, starting with symlinks, the system call and library API (fopen() and friends, which operate on names rather than on the objects behind them) and the lack of transactions across a sequence of file operations.
But there are deeper things to learn: the confused deputy problem, and why separating designation (the name the caller hands over) from permission (the authority the deputy applies to it) is a big problem.
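As an added illustration of the name-versus-object gap described above (this is not the example from the magazine, nor code from its author), the following C program simulates the classic check-then-open race in a setuid program, with the attacker always winning the race. The privileged program asks "may the invoking user read this name?" with access(), and then opens the same name, which by now points somewhere else. The hardened variant refuses to follow symlinks and verifies the object it actually obtained through the descriptor. The directory name under /tmp and the "public"/"SECRET" file contents are constructed fixtures; no root privileges are needed, because the point is the symlink swap, not the uid.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/*
 * Step 1 of the classic setuid pattern: "may the invoking user read this?"
 * access() answers for the REAL uid, but it answers about a name, not an
 * object. Whatever the name designates can change before step 2.
 */
static int check_by_name(const char *path) {
    return access(path, R_OK) == 0;
}

/* Step 2 (vulnerable): open the same NAME, now with the effective uid. */
static int open_by_name(const char *path) {
    return open(path, O_RDONLY);
}

/*
 * Hardened: never trust the name. Refuse to follow symlinks, then check the
 * object actually obtained through the descriptor, which cannot be swapped
 * out from under us. `owner` is the uid the file is required to belong to.
 */
static int open_and_verify(const char *path, uid_t owner) {
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0) return -1;              /* ELOOP if the name became a symlink */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != owner) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

static int write_file(const char *path, const char *text) {
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    ssize_t n = write(fd, text, strlen(text));
    close(fd);
    return n == (ssize_t)strlen(text) ? 0 : -1;
}

/*
 * Simulate the race with the attacker winning every time: check the name,
 * swap the name for a symlink to the secret, then open. Returns 1 if the
 * secret's contents came back through the "public" name, 0 if the open was
 * refused, -1 if the constructed fixture could not be set up.
 */
int run_demo(int hardened) {
    char dir[64], pub[96], secret[96], buf[32];
    int result = -1, fd = -1;
    ssize_t n;

    /* Constructed fixture: a per-process scratch directory under /tmp. */
    snprintf(dir, sizeof dir, "/tmp/toctou_demo_%ld", (long)getpid());
    snprintf(pub, sizeof pub, "%s/public", dir);
    snprintf(secret, sizeof secret, "%s/secret", dir);

    if (mkdir(dir, 0700) != 0 && errno != EEXIST) return -1;
    if (write_file(pub, "public") != 0 || write_file(secret, "SECRET") != 0) goto cleanup;

    if (!check_by_name(pub)) goto cleanup;                 /* time of check */

    /* Attacker acts in the window between check and use. */
    if (unlink(pub) != 0 || symlink(secret, pub) != 0) goto cleanup;

    fd = hardened ? open_and_verify(pub, getuid()) : open_by_name(pub);   /* time of use */
    if (fd < 0) { result = 0; goto cleanup; }

    n = read(fd, buf, sizeof buf - 1);
    close(fd);
    buf[n > 0 ? n : 0] = '\0';
    result = strcmp(buf, "SECRET") == 0;

cleanup:
    unlink(pub);
    unlink(secret);
    rmdir(dir);
    return result;
}

int main(void) {
    printf("check-then-open by name leaked the secret: %s\n", run_demo(0) == 1 ? "yes" : "no");
    printf("O_NOFOLLOW + fstat leaked the secret:      %s\n", run_demo(1) == 1 ? "yes" : "no");
    return 0;
}
```

The hardened function still accepts a name and applies the deputy's own authority to it, so it has to re-derive the check on the descriptor. The cleaner fix, in the spirit of the designation/permission point above, is to stop accepting names at all: let the unprivileged caller open the file itself and hand over the descriptor, or drop to the real uid before calling open(), so the kernel applies the caller's permission to exactly the object the caller designated.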