[1092] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] About suid etc. programs...

daemon@ATHENA.MIT.EDU (Tommi Rintala)
Tue Aug 27 10:55:18 1996

From: Tommi Rintala <t2r@uwasa.fi>
To: linux-security@tarsier.cv.nrao.edu
Date: Mon, 26 Aug 1996 16:36:56 +0300 (EET DST)


Hi!

There  have been  a lot of  discussion  about suid programs and  other
programs,  which cause vulnerabilities  in  Linux system.  I have been
looking for 'unsecure' programs, and found out  that there are usually
many programs in Linux systems which have 'wrong' rights.

I wonder how many of the programs in /sbin and /usr/sbin are programs,
which should  be runable by  ordinary users. sendmail  is one  (and it
should also have suid),  perhaps traceroute is nice  thing if you wish
to follow  a connection paths (thing  which should normally be done by
admin).

How about changing Linux default access rights to something more
paranoid?? 

[REW: Yes, some people would like this. You already name two programs
(sendmail, traceroute) that some people would like to keep from the
"hands of the masses". Lots of setuid programs are like that. Some say
only root should be able to execute them.... Although a "security
question" while installing a system would be nice, this isn't
implemented yet, so you will have to locally configure this the way
you want it.]

yours,

tomppa2
--
--------------------------------------------------------------------------
Tommi Rintala	   Computer Center,  University of Vaasa  Finland
         e-mail: t2r@Cc.UWasa.Fi       http://www.uwasa.fi/~t2r
--------------------------------------------------------------------------

home help back first fref pref prev next nref lref last post