"Schott, Erik (CORP, GEAccess)" wrote:

[snip]

> Here's the deal. If you really want to scare yourself, do a "find / -perm
> 6000" and let 'er rip. You'll find more setuid scripts in the software than
> you can shake a stick at. BUT, if you do the same thing on Solaris 7 or
> Solaris 2.6, you'll find just about the same number of setuid scripts.

I think you mean, 'find / -perm -4000'. But when I did,

  $ file `find / -perm -4000` 2>/dev/null

I did not find one of the setuid files to be a shell script. All
were ELF executables.

--
Crist J. Clark                                Network Security Engineer
crist.clarkglobalstar.com                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926
The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.  If
the reader of this e-mail is not the intended recipient, or the employee
or agent responsible to deliver it to the intended recipient, you are
hereby notified that any review, dissemination, distribution or copying
of this communication is strictly prohibited.  If you have received this
e-mail in error, please contact postmasterglobalstar.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]