Re: SUID program removal
From: Seth Arnold (sarnold@wirex.com)Date: 10/18/01
- Previous message: Peter H. Lemieux: "Re: kazaa,gnutella,aimster blocks"
- In reply to: Pacifi3r: "SUID program removal"
- Next in thread: Richard Garand: "Re: SUID program removal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 17 Oct 2001 18:43:57 -0700 From: Seth Arnold <sarnold@wirex.com> To: focus-linux@securityfocus.com Subject: Re: SUID program removal Message-ID: <20011017184357.C930@wirex.com>
On Thu, Oct 11, 2001 at 09:51:14PM +0200, Pacifi3r wrote:
> Newbie would like to know which program on a base RedHat 7.1 installed can
> have the SUID bit removed. Base in this instance means that no additional
> package were selected for install.
This is great. :) Newbie also can use this chance to learn the power of
'find'. :) Two-birds-with-one-stone sort of approach.
You can run 'find / -perm +07000 -print' to find files on your system
with setuid, setgid, and sticky-bit set. You could then research each
file to find out what uses it, and remove the ones that you don't seem
to need.
You can also use bastille to help secure your machine. I've never used
bastille, but I keep hearing good things about it, so it is probably
worth a shot.
Cheers :)
- Previous message: Peter H. Lemieux: "Re: kazaa,gnutella,aimster blocks"
- In reply to: Pacifi3r: "SUID program removal"
- Next in thread: Richard Garand: "Re: SUID program removal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
