Re: question on an exploit

[Ed Rolison <ed.rolison () byzantium com>]

Could the filesystem be mounted no-setuid? This is a fairly common feature 
because basically in user space there's rarely a need for setuid binaries.
actually, come to think of it, you might need the program to make a 'setuid(0)' 
system call. Otherwise it'll not try and grab the higher permissions. (as an 
example, stick a setuid flag on a shell, and then run it. IIRC it doesn't change 
uid.