Privilege Leakage Example
	• NetBSD-SA2001-014 • dump(8) exposes 'tty' group • A local user can gain tty privileges by specifying a remote command to execute • src/sbin/dump/optr.c +  /* Restore 'tty' privs for the child's use. */ +  setegid(egid);    switch (pid = fork()) {    case 0:         break;    default: +       setegid(getgid());