From owner-freebsd-security Mon Sep 30 15:29:48 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id PAA08394 for security-outgoing; Mon, 30 Sep 1996 15:29:48 -0700 (PDT) Received: from bitbucket.edmweb.com (bitbucket.edmweb.com [204.244.190.9]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id PAA08320 for ; Mon, 30 Sep 1996 15:29:40 -0700 (PDT) Received: (from steve@localhost) by bitbucket.edmweb.com (8.6.12/8.6.12) id PAA00302; Mon, 30 Sep 1996 15:29:26 -0700 Date: Mon, 30 Sep 1996 15:29:21 -0700 (PDT) From: Steve Reid To: Marc Slemko cc: freebsd-security@FreeBSD.ORG Subject: Re: setuid programs in freebsd In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Below is the start of a document I am putting together about various > setuid programs in FreeBSD with the intent of giving users a chance to > disable what they don't need. [snip] This is a very good idea. Other people have posted about what they've removed the suid bit from, but not with such detailed information. How about turning this into a script for convenience? It could go through all of the suid programs, display the relevant info from your document, and ask how the modes should be set. Much faster and easier than manually going through all of the files and typing the necessary chflags and chmod commands by hand. ===================================================================== | Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/) | | Email: steve@edmweb.com Home Page: http://www.edmweb.com/steve/ | | PGP (2048/9F317269) Fingerprint: 11C89D1CD67287E68C09EC52443F8830 | | -- Disclaimer: JMHO, YMMV, TANSTAAFL, IANAL. -- | ===================================================================:)