[574] in linux-security and linux-alert archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

SUID binaries

daemon@ATHENA.MIT.EDU (Anthony C. Zboralski)
Fri Jan 26 12:49:41 1996

Date: Thu, 25 Jan 1996 21:37:55 +0100 (MET)
From: "Anthony C. Zboralski" <frantic@worldnet.net>
To: Linux Security <linux-security@tarsier.cv.nrao.edu>

I use SVGATextMode since version 0.9 (now using 1.1) to allow me to have 
fast 132x60x8 Linux text consoles. In most source distribution, it is 
adviced to make it SUID. The problem is that if a user runs it from an 
xterm on the local display it will crash the computer.. 

Also in slackware 3.0, users shouldn't be able to use the modem to dial out..
should cu be guid uucp?

I checked some of the SUID and here is a list of suspicious SUID binaries
Should those file really be SUID by default? (Slackware 3.0):
/usr/bin/chfn   4711    root    bin (user can change is real name)
/usr/bin/fix132x43      6755    root    bin (seg fault on my machine)
/usr/lib/svgalib/*		6755	root	bin
/usr/games/doom/linuxsdoom      4711    root    bin (crashes)
/usr/games/doom/killmouse       4711    root    bin
/usr/games/doom/startmouse      4711    root    bin
/usr/games/sastroid		4711
/usr/X11R6/bin/xtetris		2711	root	bin
/usr/X11R6/bin/color_xterm      4755    root    bin
/usr/games/abuse-0.31/keydrv
/usr/X11R6/bin/SuperProbe       4755    root    bin
____  
\  /__  Anthony C. Zboralski <frantic@worldnet.net>
 \/  /  
   \/   Finger <frantic@webbar.imaginet.fr> for PGP Public Key


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[574] in linux-security and linux-alert archive

SUID binaries

daemon@ATHENA.MIT.EDU (Anthony C. Zboralski)Fri Jan 26 12:49:41 1996

daemon@ATHENA.MIT.EDU (Anthony C. Zboralski)
Fri Jan 26 12:49:41 1996