--- /dev/null
+7. Several people have reported that `dip' (a program for SLIP/PPP
+ on Linux) does not work with bash-2.0 installed as /bin/sh.
+
+ I don't run any Linux boxes myself, and do not have the dip
+ code handy to look at, but the `problem' with bash-2.0, as
+ it has been related to me, is that bash requires the `-p'
+ option to be supplied at invocation if it is to run setuid
+ or setgid.
+
+ This means, among other things, that setuid or setgid programs
+ which call system(3) (a horrendously bad practice in any case)
+ relinquish their setuid/setgid status in the child that's forked
+ to execute /bin/sh.
+
+ The following is an *unofficial* patch to bash-2.0 that causes it
+ to not require `-p' to run setuid or setgid if invoked as `sh'.
+ It has been reported to work on Linux. It will make your system
+ vulnerable to bogus system(3) calls in setuid executables.
+
+--- bash-3.0.orig/shell.c Wed Dec 18 14:16:30 1996
++++ shell.c Fri Mar 7 13:12:03 1997
+@@ -461,7 +461,7 @@
+ initialize_shell_builtins ();
+ }
+
+- if (running_setuid && privileged_mode == 0)
++ if (running_setuid && privileged_mode == 0 && act_like_sh == 0)
+ disable_priv_mode ();
+
+ /* Need to get the argument to a -c option processed in the