On Tuesday 04 November 2003 01:24 am, Robert Golovniov wrote: > Hello Mandrake group, > > In one of the security guides, the counsel was given to remove the > SUID and SGID permissions from different programs on the Linux box. > Did anyone come across a list where such programs are listed? For > example, should programs like pppd, kppp traceroute(6), man, > cdrecord and alike have that kind of permissions or can it safely be > changed?
Those programs need to bu suid root yo work properly. Rest assured, Mandrake is quite conservative and wouldn't run a program as suid root if it was not necessary. Witness the case of arts, which is recommended to be run as suid root to avoid sound skipping, ships with Mandrake without the suid bit set. So if you are experiencing sound skipping, try changing the suid root bit on artswrapper to root. Yes, running a program as suid root is a greater security risk than running as a user, but it is less of a risk than running as root. If you were to turn the suid bit off on those programs and you wanted to use them, you would have to log in as root, which is even worse. -- /g "Outside of a dog, a man's best friend is a book, inside a dog it's too dark to read" -Groucho Marx
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com