You are not logged in.
- Topics: Active | Unanswered
#1 2004-05-11 02:37:10
- nhojohn
- Member
- Registered: 2004-04-15
- Posts: 17
SUIG/GUID programs/binaries/apps
hey guys,
does anyone know the list of programs that needs suid/guid to run properly? all in all there are 55 total suid programs found in my arch install. thats alot and im trying to make my box as secure as possible. thanks for any help in advance.
this is the script i used --> http://jm4n.com/saudit.pl
Offline
#2 2004-05-14 17:31:57
- kpiche
- Forum Fellow
- From: Ottawa, ON, Canada
- Registered: 2004-03-30
- Posts: 246
- Website
Re: SUIG/GUID programs/binaries/apps
It depends what you mean by "properly". Most programs are marked SUID/GUID so users can modify system files without being root. For example the passwd program needs SUID so users can modify /etc/passwd and /etc/shadow to change their password. If you remove SUID then no one save root can change passwords. This also goes for the "change" programs: chsh, chage, chfn, etc which modify user data in system files.
Other programs need elevated privileges to perform certain operations. The utility su needs SUID so a user can become root for example.
Basically you need to decide what SUID/GUID programs you will allow your users to use and remove SUID/GUID for the rest. Then test. 
Good luck.
Offline