You are not logged in.
Pages: 1
Running "find / -perm +6000 -ls" which I got from here http://www.auscert.org.au/5816#D I found the following:
131076 32 -rwsr-sr-x 1 root root 29986 Dec 31 2009 /sbin/unix_chkpwd
1574947 12 -rwsr-xr-x 1 root root 9508 Aug 11 02:50 /usr/lib/pt_chown
1837411 40 -rwsr-x--- 1 root dbus 38608 Mar 24 12:35 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
2104295 184 -rws--x--x 1 root root 187548 May 24 08:13 /usr/lib/ssh/ssh-keysign
1583981 80 -rwxr-sr-x 1 root mail 78208 Apr 4 2009 /usr/bin/mail
1579267 20 -rwsr-xr-x 1 root root 19720 May 28 03:22 /usr/bin/passwd
1593248 32 -rwxr-sr-x 1 root locate 30488 Mar 27 01:24 /usr/bin/locate
1595243 1680 -rwsr-xr-x 1 root root 1717140 Jun 21 13:55 /usr/bin/Xorg
1595966 8 -rwsr-xr-x 1 root root 8024 May 27 17:09 /usr/bin/otp
1580159 12 -rwsr-x--- 1 root users 9964 Feb 24 04:19 /usr/bin/crontab
1579265 20 -rwsr-xr-x 1 root root 17468 May 28 03:22 /usr/bin/newgrp
1579268 36 -rwsr-xr-x 1 root root 36200 May 28 03:22 /usr/bin/chage
1580239 8 -rwxr-sr-x 1 root tty 8060 Aug 2 16:27 /usr/bin/write
1601430 8 -rwsr-xr-x 1 root root 6632 May 4 17:58 /usr/bin/slock
1579270 16 -rwsr-xr-x 1 root root 15292 May 28 03:22 /usr/bin/chsh
1579264 12 -rwsr-xr-x 1 root root 12020 May 28 03:22 /usr/bin/expiry
1579269 28 -rwsr-xr-x 1 root root 27124 May 28 03:22 /usr/bin/gpasswd
1595962 12 -rwsr-xr-x 1 root root 11860 May 27 17:09 /usr/bin/ksu
1579261 20 -rwsr-xr-x 1 root root 17404 May 28 03:22 /usr/bin/chfn
2621517 12 -rwsr-xr-x 1 root root 11608 Feb 23 19:40 /bin/traceroute6
2621516 28 -rwsr-xr-x 1 root root 26812 Feb 23 19:40 /bin/ping6
2621490 40 -rwsr-xr-x 1 root root 39084 Aug 2 16:27 /bin/umount
2621515 32 -rwsr-xr-x 1 root root 30824 Feb 23 19:40 /bin/ping
2621463 24 -r-sr-xr-x 1 root root 22932 Jun 13 13:40 /bin/su
2621492 60 -rwsr-xr-x 1 root root 60140 Aug 2 16:27 /bin/mount
2621518 20 -r-sr-xr-x 1 root root 18220 Feb 23 19:40 /bin/traceroute
Now, what does this mean, and what should I do?
Last edited by Noble (2010-08-21 14:40:03)
Those who give up their liberty for security,
neither deserve liberty nor freedom,
and they will lose both.
- Benjamin Franklin
Offline
This means that the programs are potentially dangerous, in the same way you can hurt yourself with a knife or when carelessly driving a car. You can get rid of all sharp and pointy things in your environment but that would make many things much harder or even impossible to accomplish.
This is a standard setup, you don't have to do anything.
Offline
So if I am the only user with granted access to the system this should be nothing to worry about?
Those who give up their liberty for security,
neither deserve liberty nor freedom,
and they will lose both.
- Benjamin Franklin
Offline
So if I am the only user with granted access to the system this should be nothing to worry about?
Exactly. Server / multiuser environments have stronger needs for security, but those are regular apps used for system administration: create a new user, change his password, change his shell, locate a file etc.
Offline
Pages: 1