[137] in linux-security and linux-alert archive
Re: "Find all the SUID programs." Fine. So which *should* be SUID?
daemon@ATHENA.MIT.EDU (Martin v.Loewis)
Mon Mar 13 06:07:55 1995
From: "Martin v.Loewis" <loewis@cs.tu-berlin.de>
To: linux-security@tarsier.cv.nrao.edu
Date: Mon, 13 Mar 1995 07:58:57 +0100 (MET)
In-Reply-To: <3juaf3$os6@dhp.com> from "Panzer Boy" at Mar 12, 95 03:13:23 am
Reply-To: linux-security@tarsier.cv.nrao.edu
> *** To allow the program to initiate connections from lower ports, though
> I for the most part don't see why this needs to be done.
> -r-sr-xr-x 1 root bin 13316 Feb 12 1994 /usr/bin/rlogin
> -r-sr-xr-x 1 root bin 9220 Feb 12 1994 /usr/bin/rsh
> -r-sr-xr-x 1 root root 5584 Feb 2 1994 /usr/bin/traceroute
The access to lower ports gives some added security. If every program could
create such a socket, everybody could connect to rlogind and tell it: 'This
user is foo, I've verified this, let him in'.

traceroute needs access to the raw socket. With such capabilities, you could
easily listen on somebody else's port.
Enjoy,
Martin
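
The server-side check that the low-port restriction makes possible, as an added example that is not part of the original message or of any rlogind source. The function names are illustrative, and the accepted range 512-1023 is the BSD r-services convention, an assumption not stated in the thread.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Assumed range (BSD r-services convention): 512..1023, host byte order. */
int port_is_reserved(unsigned port) {
    return port < IPPORT_RESERVED && port >= IPPORT_RESERVED / 2;
}

/* Server side, on an accepted socket: 1 if the peer bound a reserved port. */
int peer_is_privileged(int fd) {
    struct sockaddr_in peer;
    socklen_t len = sizeof peer;
    if (getpeername(fd, (struct sockaddr *)&peer, &len) < 0 || peer.sin_family != AF_INET)
        return 0;
    return port_is_reserved(ntohs(peer.sin_port));
}

/* Constructed loopback demo: the client lets the kernel pick its source port,
 * as a non-SUID program would. Returns the server's verdict, -1 on error. */
int demo_ordinary_client(void) {
    struct sockaddr_in a;
    socklen_t len = sizeof a;
    int verdict = -1, c = -1, s = -1, l = socket(AF_INET, SOCK_STREAM, 0);
    memset(&a, 0, sizeof a);              /* sin_port 0: any free listener port */
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (l < 0 || bind(l, (struct sockaddr *)&a, sizeof a) < 0 || listen(l, 1) < 0
        || getsockname(l, (struct sockaddr *)&a, &len) < 0)
        goto out;
    c = socket(AF_INET, SOCK_STREAM, 0);
    if (c < 0 || connect(c, (struct sockaddr *)&a, sizeof a) < 0)
        goto out;
    s = accept(l, NULL, NULL);
    if (s >= 0)
        verdict = peer_is_privileged(s);  /* kernel-chosen port: not reserved */
out:
    if (s >= 0) close(s);
    if (c >= 0) close(c);
    if (l >= 0) close(l);
    return verdict;
}

int main(void) {
    printf("ordinary client trusted: %d\n", demo_ordinary_client());
    return 0;
}
```

The check only says that a root-owned process on the connecting host opened the socket, which is why the client binaries in the listing above are SUID root.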