LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-15-2002, 07:06 PM   #1
ForumKid
Member
 
Registered: Dec 2001
Posts: 195

Rep: Reputation: 30
find / \( -perm -0200 -o -perm -04000 \) -ls. How to remove the bit


Hi,
My security book says thats if you dont need this functionality, remove the bit. How to i remove the bit for some of these programs. Is it a good idea? Bunch of docs/etc/ came up. Does anyone know what dir's i can remove the bit from and actually how to remove it.
Thanks
 
Old 01-16-2002, 01:52 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,409
Blog Entries: 55

Rep: Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582
Removing it on an 4750 executable that's got suid (set user id) 4000 would be chmod 0750 <executable>.
Suid bits (on some executables) are there for the same mechanism why sendmail needs 'em, for instance to bind to a privileged port. A reason to remove the suid bit is if you wouldn't want users to use it (like ping, dump, traceroute). For those executables you could let them have access tru adding them and the executables to a separate usergroup, or better, by using sudo.

There are some exes you don't want to remove suid or sgid from, but I can't come up with a list now.
Run the list by us and we'll see what we can recommend I guess.
 
Old 01-16-2002, 08:28 AM   #3
ForumKid
Member
 
Registered: Dec 2001
Posts: 195

Original Poster
Rep: Reputation: 30
List is huge. I cant believe how many there are. I just wasnt sure if its a standard security thing to go through them and weed em out. Looks like a lot of them are in /usr/share/docs. I couldnt imagine that Id need them.
Thanks
 
Old 01-16-2002, 11:36 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,409
Blog Entries: 55

Rep: Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582
Weird. Can't imagine needing suid or sgid on /usr/*share* or even /usr/share/*docs*.
Well, scanning with utils like Cops, Tiger (tara), sara or the 'ol sbscanner will definately show suids and sgids.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Perm mnting a HD partyk1d24 Linux - Hardware 1 10-06-2005 07:34 PM
adding perm. alias to .bashrc Lleb_KCir Linux - General 7 12-09-2004 02:35 PM
Perm issue and Apache paleogryph Linux - Software 1 04-13-2004 07:38 AM
Who is changing perm on login/logout ? artois_val Mandriva 3 02-06-2004 06:58 AM
Perm Routes and Arp Statments. Ox///M Linux - Networking 2 01-11-2002 05:29 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:10 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration