[140] in linux-security and linux-alert archive
Re: "Find all the SUID programs." Fine. So which *should* be SUID?
daemon@ATHENA.MIT.EDU (R.E.Wolff@et.tudelft.nl)
Mon Mar 13 06:18:52 1995
To: linux-security@tarsier.cv.nrao.edu
Date: Mon, 13 Mar 1995 09:01:52 +0100 (MET)
In-Reply-To: <3jvm1o$ssd@dhp.com> from "Panzer Boy" at Mar 12, 95 03:37:12 pm
From: R.E.Wolff@et.tudelft.nl
Reply-To: linux-security@tarsier.cv.nrao.edu
>
> R.E.Wolff@et.tudelft.nl wrote:
> : > *** Procmail, Screen, and tin (suid news)
> : > -rwsr-sr-x 1 news news 222212 Aug 12 1994 /usr2/local/bin/tin
> : I wouldn't trust "tin".
>
> It's suid NEWS, not root. Though indirectly you can get root from that.
> I know. Get news, modify rc.news file, run by root... :) This was
> originally run as root so that I could have it create index files, as
> this is no longer needed (I have news locally) tin is no longer suid root.
That's what I said. I wouldn't trust tin. It gives you a route to become
root. I might be a little terse, but my "instinct" told me that tin
usually doesn't need any s bits. If you do stick them on, you invariably
open up a whole bag of problems. Even if there weren't a root hole
behind there, you didn't make the news system owned by "news" to let
everybody modify it; if you had wanted to trust your users not to mess with
the news system, you'd have made the whole news system 777.
>
>
> : > *** System utils that mod files in restricted space
> : > -rwsr-xr-x 1 root root 17412 May 6 1994 /usr/bin/chfn
> : > -rwsr-xr-x 1 root root 13316 May 6 1994 /usr/bin/chsh
> : I'd group these with "passwd".
> I don't have a group passwd, don't see the use other than convenience.
No. Sorry. I didn't mean it that way. I meant to say that the
group (passwd, chfn and chsh) belong together. They all change the
file /etc/passwd.
>
> : for your information: the "rule" is that slackware comes with a clean
> : /usr/local. All that ends up there is yours.....
> Kinda strange way to do it, since half of Slackware is made up of things
> that should be in /usr/local/bin. Again, this is personal taste, so
> whatever people like. :)
Right. On a SUN/HP system, you don't get the PD stuff. You add it locally,
and it goes in /usr/local/bin. On Slackware, this stuff wasn't added by
you, locally, so it doesn't belong in /usr/local/bin.
Roger.
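A defender's answer to the thread's question ("which *should* be SUID?"), as an added example that is not part of the posting: a POSIX sh audit that lists set-id files and classifies each "ls -l" line, flagging setuid binaries owned by a non-root account (the tin-setuid-news case) and root-setuid programs that are not on an allowlist. The allowlist contents (passwd, chfn, chsh, su) and the sample lines are constructed assumptions, not a standard.

```shell
#!/bin/sh
# Added example (not from the posting): audit set-id binaries and sort them
# the way the thread does.  ALLOWED_SUID_ROOT is a constructed allowlist of
# programs one expects to be setuid root (passwd/chfn/chsh, which all edit
# /etc/passwd, belong together); adjust it to the system being reviewed.
ALLOWED_SUID_ROOT="/usr/bin/passwd /usr/bin/chfn /usr/bin/chsh /bin/su"

# One 'ls -l' style line per setuid or setgid regular file under $1 (default /).
list_setid() {
    find "${1:-/}" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec ls -l {} + 2>/dev/null
}

# Classify one 'ls -l' line; prints "<verdict> <path>".  Verdicts:
#   ok      setuid root and on the allowlist
#   review  setuid root but not on the allowlist (e.g. anything in /usr/local)
#   nonroot setuid to another account; every file that account owns and that
#           root later executes (the rc.news case) now sits behind this binary
#   sgid    setgid only
#   none    no set-id bit (should not appear in list_setid output)
classify_line() (
    set -f          # no pathname expansion while word-splitting the line
    set -- $1       # fields: mode links owner group size date(3) path
    mode=$1 owner=$3
    eval "path=\${$#}"      # last field; paths without spaces assumed
    case $mode in
        ???[sS]*)           # setuid bit (4th mode character)
            if [ "$owner" != root ]; then
                echo "nonroot($owner) $path"
            else
                case " $ALLOWED_SUID_ROOT " in
                    *" $path "*) echo "ok $path" ;;
                    *)           echo "review $path" ;;
                esac
            fi ;;
        ??????[sS]*) echo "sgid $path" ;;  # setgid bit (7th mode character)
        *)           echo "none $path" ;;
    esac
)

# Full audit of a mounted tree, e.g. "audit /" on the system being reviewed.
audit() {
    list_setid "$1" | while read -r line; do classify_line "$line"; done
}

# Constructed sample matching the posting's tin line, for offline use:
classify_line '-rwsr-sr-x 1 news news 222212 Aug 12 1994 /usr2/local/bin/tin'
```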