Web Hosting Talk






PDA

View Full Version : Set-UID programs

choon
09-02-2002, 03:09 PM
Hi everyone,

I need some experts advice as I am not sure which of the following shouldn't be set-uid:

-rws--x--x 2 root root 808822 Feb 21 2002 /usr/bin/suidperl
-rwsr-xr-x 1 root root 34476 Aug 28 2001 /usr/bin/chage
-rwsr-xr-x 1 root root 36208 Aug 28 2001 /usr/bin/gpasswd
-rwsr-xr-x 1 root root 37580 Aug 3 2001 /usr/bin/at
-rwxr-sr-x 1 root mail 12500 Jun 30 2001 /usr/bin/lockfile
-rwxr-sr-x 1 root slocate 25020 Jun 25 2001 /usr/bin/slocate
-r-s--x--x 1 root root 13476 Aug 7 2001 /usr/bin/passwd
-r-xr-sr-x 1 root tty 6444 Aug 29 2001 /usr/bin/wall
-rws--x--x 1 root root 13136 Aug 27 2001 /usr/bin/chfn
-rws--x--x 1 root root 12484 Aug 27 2001 /usr/bin/chsh
-rws--x--x 1 root root 5456 Aug 27 2001 /usr/bin/newgrp
-rwxr-sr-x 1 root tty 8744 Aug 27 2001 /usr/bin/write
-rwsr-xr-x 1 root root 21280 Jun 25 2001 /usr/bin/crontab
-rwsr-xr-x 1 root root 7180 Sep 8 2001 /usr/bin/kcheckpass
-rwxr-sr-x 1 root root 54752 Sep 8 2001 /usr/bin/kdesud
-rwsr-xr-x 1 root root 209948 Sep 6 2001 /usr/bin/ssh
-rwsr-xr-x 1 root root 14588 Jul 24 2001 /usr/bin/rcp
-rwsr-xr-x 1 root root 10940 Jul 24 2001 /usr/bin/rlogin
-rwsr-xr-x 1 root root 7932 Jul 24 2001 /usr/bin/rsh
-r-sr-x--- 1 root news 29116 Jul 25 2001 /usr/bin/inndstart
-r-sr-x--- 1 uucp news 53817 Jul 25 2001 /usr/bin/rnews
-r-sr-x--- 1 root news 25436 Jul 25 2001 /usr/bin/startinnfeed
-rws--x--x 2 root root 808822 Feb 21 2002 /usr/bin/sperl5.6.1
---s--x--x 1 root root 80764 Jul 24 2001 /usr/bin/sudo
-r-xr-s--x 1 root games 52024 Aug 15 2001 /usr/bin/gnome-stones
-r-xr-s--x 1 root games 40076 Aug 15 2001 /usr/bin/gataxx
-r-xr-s--x 1 root games 26636 Aug 15 2001 /usr/bin/glines
-r-xr-s--x 1 root games 68812 Aug 15 2001 /usr/bin/gnibbles
-r-xr-s--x 1 root games 75100 Aug 15 2001 /usr/bin/gnobots2
-r-xr-s--x 1 root games 25772 Aug 15 2001 /usr/bin/gnotravex
-r-xr-s--x 1 root games 72160 Aug 15 2001 /usr/bin/gnomine
-r-xr-s--x 1 root games 45260 Aug 15 2001 /usr/bin/mahjongg
-r-xr-s--x 1 root games 23128 Aug 15 2001 /usr/bin/gnotski
-r-xr-s--x 1 root games 234684 Aug 15 2001 /usr/bin/gtali
-r-xr-s--x 1 root games 47612 Aug 15 2001 /usr/bin/iagno
-r-xr-s--x 1 root games 21020 Aug 15 2001 /usr/bin/same-gnome
-rwsr-xr-x 1 root root 149454 Jul 17 2001 /usr/bin/nwsfind
-rwxr-s--- 1 root news 59356 Jul 23 2001 /usr/bin/slrnpull
-r-sr-sr-x 1 uucp uucp 129652 Sep 5 2001 /usr/bin/cu
-r-sr-xr-x 1 uucp uucp 91592 Sep 5 2001 /usr/bin/uucp
-r-sr-sr-x 1 uucp uucp 39076 Sep 5 2001 /usr/bin/uuname
-r-sr-xr-x 1 uucp uucp 101300 Sep 5 2001 /usr/bin/uustat
-r-sr-xr-x 1 uucp uucp 93384 Sep 5 2001 /usr/bin/uux
-rws--x--x 1 qmailq qmail 14992 Apr 22 22:10 /usr/bin/qmail-queue
-rwsr-x--- 1 root disk 8120 Jul 14 2001 /usr/lib/amanda/calcsize
-rwsr-x--- 1 root disk 6152 Jul 14 2001 /usr/lib/amanda/killpgrp
-rwsr-x--- 1 root disk 4452 Jul 14 2001 /usr/lib/amanda/rundump
-rwsr-x--- 1 root disk 5372 Jul 14 2001 /usr/lib/amanda/runtar
-rwsr-x--- 1 root disk 27448 Jul 14 2001 /usr/lib/amanda/dumper
-rwsr-x--- 1 root disk 26960 Jul 14 2001 /usr/lib/amanda/planner
-rwsr-xr-x 1 root root 18444 Aug 28 2001 /usr/sbin/ping6
-rwsr-xr-x 1 root root 9804 Aug 28 2001 /usr/sbin/traceroute6
-rwxr-sr-x 1 root utmp 6604 Jun 25 2001 /usr/sbin/utempter
-rwsr-xr-x 1 root root 6340 Sep 9 2001 /usr/sbin/usernetctl
-rwxr-sr-x 1 root utmp 9164 Aug 28 2001 /usr/sbin/gnome-pty-helper
-rws--x--x 1 root root 20732 Aug 28 2001 /usr/sbin/userhelper
-rwsr-xr-x 1 root root 20120 Jun 26 2001 /usr/sbin/traceroute
-rwxr-sr-x 1 root lock 8332 Sep 5 2001 /usr/sbin/lockdev
-r-s--x--- 1 root apache 11340 Jun 22 03:41 /usr/sbin/suexec
-rwsr-x--- 1 root disk 26772 Jul 14 2001 /usr/sbin/amcheck
-r-sr-sr-x 1 uucp uucp 227488 Sep 5 2001 /usr/sbin/uucico
-r-sr-sr-x 1 uucp uucp 103712 Sep 5 2001 /usr/sbin/uuxqt
-rws--x--x 1 root root 5168 Sep 6 2001 /usr/X11R6/bin/Xwrapper
-rwxr-sr-x 1 root games 30300 Jun 25 2001 /usr/X11R6/bin/xbill
-r-sr-xr-x 1 root root 41986 Aug 30 19:14 /usr/local/sbin/wfetch
-r-sr-xr-x 1 root root 307 Aug 30 19:14 /usr/local/sbin/fetchmailloop.sh
-r-sr-xr-x 1 root root 643 Aug 30 19:14 /usr/local/sbin/dothefetch.sh
-rwsr-xr-x 1 root bin 1380628 Apr 16 2001 /usr/local/frontpage/version5.0/apache-fp/_vti_bin/fpexe
-r-sr-sr-x 1 root root 4312692 Jun 8 16:20 /usr/local/frontpage/version5.0/admin-exes/fpadmcgi.exe
-rwsr-xr-x 1 root root 23436 Aug 28 2001 /bin/ping
-rwsr-xr-x 1 root root 57628 Jul 25 2001 /bin/mount
-rwsr-xr-x 1 root root 28380 Jul 25 2001 /bin/umount
-rwsr-xr-x 1 root root 18452 Jul 24 2001 /bin/su
-r-sr-xr-x 1 root root 15088 Sep 25 2001 /sbin/pwdb_chkpwd
-r-sr-xr-x 1 root root 15672 Sep 25 2001 /sbin/unix_chkpwd
-rwxr-sr-x 1 root root 4120 Sep 9 2001 /sbin/netreport


Thanks.

Kindest regards,
Choon
mind21_98
09-02-2002, 03:24 PM
Jesus! I wonder why mount/umount are suid root. Shouldn't be necessary, should it? (they're suid root on my Redhat 6.2 box too for some reason)
choon
09-02-2002, 03:33 PM
So... for mount and umount, can I just issue the following command via SSH or what?

chmod -s /bin/mount
chmod -s /bin/umount

Will it affect the disk quota function?

Just curious :rolleyes:

Thanks.

Kindest regards,
Choon
mind21_98
09-02-2002, 08:05 PM
chmod u-s /bin/mount
chmod u-s /bin/umount

I'm not sure if that'll break any system scripts though.