On 28/10/99 wrote:
>I recently scanned my system for programs owned by root that have
>the suid bit set, and found not one but about 200 such programs.
>Can this possibly be justified?
>
>Could there be a problem if I just run a script that removes the
>suid bit from all of them? What script would I use for that anyway?
yes if you remove the SUID bit from ALL your binaries you will
definitely have problems such as oh... not being able to login
anymore :-)
most of the time if a binary is suid there is a reason for it and
most of the time the binary won't work anymore if its not suid, that
may not matter if the binary is of no real use to ordinary users and
is not used by some service on your system that does not run as root
itself.
now as to the 200 number that seems high, my system only has 40 or
50, but its been cleaned up by me, removing services and such i dont
need, and I removed a few suids...
Best Regards,
Ethan Benson
To obtain my PGP key: http://www.alaska.net/~erbenson/pgp/
