Date: Fri, 9 Jul 1999 13:35:16 -0400 (EDT) From: Barrett Richardson <barrett@phoenix.aye.net> To: Gustavo V G C Rios <kernel@tdnet.com.br> Cc: security@freebsd.org, bos-owner-br@sekure.org Subject: Re: suid/guid Message-ID: <Pine.BSF.4.01.9907091319130.29645-100000@phoenix.aye.net> In-Reply-To: <3784D440.1075EFB3@tdnet.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 8 Jul 1999, Gustavo V G C Rios wrote: > Which of the following file should i turn off suid/guid bit flag? > I just wanna keep the necessary file tunr on suid/guid! I am surviving with just these and I've recompiled them with a stackguard compiler. I've omitted sendmail from the list because I'm using qmail (it has some suid/guid stuff too). Some of the items in your list are duplicates because they have hard links (passwd and chpass in particular come to mine). I think ps works ok without suid for the most part, just missing some minor bits of information here and there. I probably (at the risk of irritating users and admins alike) could remove suid/guid from w (uptime), traceroute, ping and df. I *could* get by with the bare minimum of passwd, man, login and su (plus an SMTP agent like sendmail or qmail). /usr/bin/passwd /usr/bin/man /usr/bin/chpass /usr/bin/login /usr/bin/su /usr/bin/w /usr/sbin/traceroute /sbin/ping /bin/df /bin/ps - Barrett > > My system is freebsd-3.2Stable > > Here goes them: > > /proc/2965/file > /bin/df > /bin/ps > /bin/rcp > /sbin/ccdconfig > /sbin/dmesg > /sbin/dump > /sbin/rdump > /sbin/ping > /sbin/restore > /sbin/rrestore > /sbin/route > /sbin/shutdown > /usr/bin/cu > /usr/bin/uucp > /usr/bin/uuname > /usr/bin/uustat > /usr/bin/uux > /usr/bin/man > /usr/bin/suidperl > /usr/bin/sperl5.00503 > /usr/bin/at > /usr/bin/atq > /usr/bin/atrm > /usr/bin/batch > /usr/bin/chpass > /usr/bin/chfn > /usr/bin/chsh > /usr/bin/ypchpass > /usr/bin/ypchfn > /usr/bin/ypchsh > /usr/bin/fstat > /usr/bin/ipcs > /usr/bin/keyinfo > /usr/bin/keyinit > /usr/bin/lock > /usr/bin/login > /usr/bin/netstat > /usr/bin/nfsstat > /usr/bin/passwd > /usr/bin/yppasswd > /usr/bin/quota > /usr/bin/rlogin > /usr/bin/rsh > /usr/bin/su > /usr/bin/systat > /usr/bin/top > /usr/bin/vmstat > /usr/bin/w > /usr/bin/uptime > /usr/bin/wall > /usr/bin/write > /usr/bin/crontab > /usr/bin/lpq > /usr/bin/lpr > /usr/bin/lprm > /usr/bin/newaliases > /usr/bin/mailq > /usr/bin/hoststat > /usr/libexec/uucp/uucico > /usr/libexec/uucp/uuxqt > /usr/libexec/mail.local > /usr/local/bin/screen-3.7.6 > /usr/local/bin/skill > /usr/local/bin/snice > /usr/local/bin/icmpinfo > /usr/local/sbin/queso > /usr/sbin/lpc > /usr/sbin/iostat > /usr/sbin/mrinfo > /usr/sbin/mtrace > /usr/sbin/pstat > /usr/sbin/swapinfo > /usr/sbin/sliplogin > /usr/sbin/timedc > /usr/sbin/traceroute > /usr/sbin/trpt > /usr/sbin/sendmail > /usr/sbin/purgestat > /usr/sbin/ppp > /usr/sbin/pppd > /usr/games/dm > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.01.9907091319130.29645-100000>