From: Jason E Calvert (calverjBASF-CORP.COM)
Date: Fri Apr 13 2001 - 09:48:48 CDT


    Should we start a project? Say a database for different OS's, SUID programs,
    why, and md5 sums...
    anyone game?
    I have a shell script to give md5 sums on suid root programs. We could start an
    email alias to send the results to and toss the outliers aside for examination
    to get a quick start.

    Jason Calvert
    ps Bastille is good at disabling a few suid progies...

    Yakov N Miles <ynmilesTELUS.NET> on 04/13/2001 12:17:40 AM

    Please respond to Focus on Linux Mailing List <FOCUS-LINUXSECURITYFOCUS.COM>
    To: FOCUS-LINUX
    cc:
    Subject: Re: Permissions

    Matt Block wrote:
    >
    > As far as I know, there is no general answer to this question,
    > unfortunately. The fact is, any user may have good reasons
    > for making some (any) files SUID, SGID, or STICKY. Occasionally,
    > the super user may even have good reasons for doing so.
    >
    > The trick, in general, is to do it on a case by case basis and
    > try to figure out _why_ this particular file or directory
    > must be special. For instance, some ftp incoming/ directories
    > must be SGID, so that the sweeper can examine their contents.
    > If I found the SGID bit set on the public/ directory, however,
    > I'd want to remove it. S?ID on CGIs are usually no-no's,
    > although they are often set.
    >
    > General users rarely but rarely need S?ID or sticky bits.

    Andrew Daviel recommends mounting all non-root disks with the option NOSUID
    in the FSTAB list. This will stop all kinds of grief when you have various
    versions of the operating system mounted on-line at once. Don't forget to
    force floppies to mount NOSUID, or you could be in for a trojan attack from
    another system...

    --
    Linux - because a PC is a terrible thing to waste. mailto:ynmilestelus.net
    Note http://www.cheapbytes.com for (almost) free Linux & freeBSD CD-ROMs
    and  http://www.overclockers.com to get the MOST from your computer
    Website http://yaakov.da.ru