search for: descriptorson

...Just invoke /usr/bin/suidexec <your program> /path/to/script - it will happily execute your program with euid = 0. This is completely sufficient for doing arbitrary damage on the system. Additionally, suidexec will fail with shells which close all but the "standard" file descriptorson startup: /proc/self/fd/<N> (which is the file descriptor suidexec has opened for the shell script in question) will have vanished after this. I am actually considering this a feature, as it avoids some of the $HOME/.cshrc related standard exploits. SOLUTION: Just drop suidexec from the dist...