[970] in linux-security and linux-alert archive
[linux-security] Re: list of setuid programs (was: Security hole in Abuse)
daemon@ATHENA.MIT.EDU (David Holland)
Fri Jul 26 10:25:22 1996
From: David Holland <dholland@hcs.HARVARD.EDU>
To: linux-security@tarsier.cv.nrao.edu
Date: Wed, 24 Jul 1996 18:18:48 -0400 (EDT)
In-Reply-To: <31F47454.6FD75B1C@webxs.com> from "Tim Wilfong" at Jul 22, 96 11:42:28 pm
> I found (there have been requests for this list in the past right?):
>
> at/cron/printing: at, crontab, lpq, lpr, lprm.
LPRng and PLP are secure replacements for BSD lpr that don't involve
setuid. (Apparently LPRng is a rewrite of PLP.)
Given that lpr is full of security holes, it would be wise to
investigate and/or switch to one of these.
> network: rcp, rlogin, rsh, traceroute, sliplogin, timedc, ping.
Please get the fixes to rcp, rlogin, rsh, and ping in the new
NetKit. :-)
Also be advised that old versions of sliplogin had a hole you could
fly a starship through.
> mount: mount, umount.
I'm told there's a buffer overrun in mount, but I haven't looked at it
yet. Smbmount is reportedly also not particularly secure.
[Also note that ssh, if installed, needs to be setuid root.]
--
- David A. Holland | Number of words in the English language that
dholland@hcs.harvard.edu | exist because of typos or misreadings: 381
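The thread above is essentially an inventory of which binaries on a 1996 Linux box carry the setuid bit. The useful defensive follow-up is to generate that inventory on your own machine and flag anything that is not on the list you expect. The script below is an added example, not part of the original mail or of any of the packages it names; the allowlist is constructed from the programs mentioned in the thread (plus `ssh`, which the mail notes needs setuid root when installed), and `list_setuid`, `is_allowed` and `unexpected_setuid` are names chosen for this example.

```shell
#!/bin/sh
# audit_setuid.sh -- enumerate setuid/setgid files under a root and flag any
# whose name is not on an expected list. Added example; the allowlist below is
# constructed from the programs named in the thread and is not authoritative
# for any particular distribution.

# Programs the thread names as setuid (at/cron/printing, network, mount) plus
# ssh, which the mail says must be setuid root when installed.
ALLOWED="at crontab lpq lpr lprm rcp rlogin rsh traceroute sliplogin timedc ping mount umount ssh"

# list_setuid ROOT
#   Print, sorted, every regular file under ROOT (same filesystem only) with
#   the setuid (04000) or setgid (02000) bit set. Permission errors are dropped
#   so the audit can run as an unprivileged user.
list_setuid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | sort
}

# is_allowed NAME
#   Exit 0 if NAME (a basename) appears in ALLOWED, 1 otherwise.
is_allowed() {
    for a in $ALLOWED; do
        [ "$a" = "$1" ] && return 0
    done
    return 1
}

# unexpected_setuid ROOT
#   Print each setuid/setgid file under ROOT whose basename is not allowlisted.
#   An empty result means nothing outside the expected set carries the bit.
unexpected_setuid() {
    list_setuid "$1" | while IFS= read -r f; do
        is_allowed "$(basename "$f")" || printf '%s\n' "$f"
    done
}

# Typical use on a live system (not run automatically here):
#   . ./audit_setuid.sh; unexpected_setuid /usr
```

Because `-xdev` stays on one filesystem, run `unexpected_setuid` once per mounted filesystem that can hold binaries (`/`, `/usr`, `/usr/local`). A hit is not proof of a problem, only a binary that deserves the same scrutiny the thread gives `lpr`, `sliplogin` and `mount`; conversely, an allowlisted name is still only as safe as the version installed.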