[970] in linux-security and linux-alert archive


[linux-security] Re: list of setuid programs (was: Security hole in Abuse)

daemon@ATHENA.MIT.EDU (David Holland)
Fri Jul 26 10:25:22 1996

From: David Holland <dholland@hcs.HARVARD.EDU>
To: linux-security@tarsier.cv.nrao.edu
Date: Wed, 24 Jul 1996 18:18:48 -0400 (EDT)
In-Reply-To: <31F47454.6FD75B1C@webxs.com> from "Tim Wilfong" at Jul 22, 96 11:42:28 pm

 > I found (there have been requests for this list in the past right?):
 > 
 > at/cron/printing: at, crontab, lpq, lpr, lprm.

LPRng and PLP are secure replacements for BSD lpr that don't involve
setuid. (Apparently LPRng is a rewrite of PLP.)

Given that lpr is full of security holes, it would be wise to
investigate and/or switch to one of these.

 > network: rcp, rlogin, rsh, traceroute, sliplogin, timedc, ping.

Please get the fixes to rcp, rlogin, rsh, and ping in the new
NetKit. :-)

Also be advised that old versions of sliplogin had a hole you could
fly a starship through.

 > mount: mount, umount.

I'm told there's a buffer overrun in mount, but I haven't looked at it
yet. Smbmount is reportedly also not particularly secure.

[Also note that ssh, if installed, needs to be setuid root.]

-- 
   - David A. Holland          | Number of words in the English language that
     dholland@hcs.harvard.edu  | exist because of typos or misreadings: 381
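
The thread is about which binaries on a box carry the set-id bit and which of them are worth replacing. The script below is an added example, not part of David Holland's post or of any of the packages he mentions: it walks a filesystem tree, reports every setuid/setgid regular file, and flags the ones the thread singles out (the BSD lpr suite, the r-commands, ping, sliplogin, mount/umount, smbmount). The SUSPECT list is an assumption taken from the message and should be adjusted for your own system; `find -perm -4000` / `-perm -2000` are the POSIX tests for the setuid and setgid bits.

```shell
#!/bin/sh
# Added example (not from the original post): audit a tree for set-id files
# and flag the binaries the linux-security thread calls out.

# Names taken from the thread; this list is an assumption, edit it freely.
SUSPECT="lpr lpq lprm at crontab rcp rlogin rsh ping sliplogin mount umount smbmount"

# setid_files ROOT: print the path of every regular file under ROOT whose
# setuid (04000) or setgid (02000) bit is set. -xdev keeps us on one
# filesystem so /proc, NFS mounts and the like are not crawled.
setid_files() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null
}

# list_setid ROOT: long listing (mode, owner, path) of the set-id files,
# the form you would actually eyeball.
list_setid() {
    setid_files "$1" | while IFS= read -r f; do
        ls -ld "$f"
    done
}

# count_setid ROOT: how many set-id files live under ROOT.
count_setid() {
    setid_files "$1" | wc -l | tr -d ' '
}

# flag_suspects ROOT: print only those set-id files whose basename matches
# one of the programs named in the thread.
flag_suspects() {
    setid_files "$1" | while IFS= read -r f; do
        b=$(basename "$f")
        for s in $SUSPECT; do
            if [ "$b" = "$s" ]; then
                printf '%s\n' "$f"
                break
            fi
        done
    done
}

# Usage: ./setid-audit.sh /   (as root, so every file is readable)
if [ $# -gt 0 ]; then
    echo "set-id files under $1: $(count_setid "$1")"
    list_setid "$1"
    echo "flagged:"
    flag_suspects "$1"
fi
```

Run it as root against `/` and diff the output against a copy kept off the machine: a set-id file that was not there last week is exactly the kind of thing this thread is worried about. Nothing here tells you whether a given binary is actually exploitable; it only tells you where the privilege boundary is.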
