
Re: traceroute vs. traceroute6



On Fri, Jul 28, 2000 at 07:36:46PM +1000, Herbert Xu wrote:
> > so the question is why is it installed as suid?
> 
> What's that got to do with anything?

It's got to do with the fact that you allow the users to run it. And once
you do that, it's no longer an admin-only command. To quote the FHS:

# 4.7  /usr/sbin : Non-essential standard system binaries
# 
# This directory contains any non-essential binaries used exclusively by
# the system administrator.

Notice the _exclusively_.

> There are other setuid binaries in sbin and /usr/sbin as well.

% find /sbin /usr/sbin -perm 4755
/sbin/unix_chkpwd                                       [1]
/usr/sbin/traceroute

OTOH:

% find /bin /usr/bin -perm 4755
/bin/login
/bin/mount
/bin/umount
/bin/ping
/bin/su
/bin/ping6
/usr/bin
/usr/bin/newgrp
/usr/bin/chfn
/usr/bin/chsh
/usr/bin/gpasswd
/usr/bin/passwd
/usr/bin/lpq
/usr/bin/crontab
/usr/bin/gpg
/usr/bin/traceroute6
/usr/bin/lprm
/usr/bin/restorefont
/usr/bin/dumpreg
/usr/bin/restorepalette
/usr/bin/netselect
/usr/bin/restoretextmode
/usr/bin/lpr
/usr/bin/synaesthesia
/usr/bin/splaymidi
/usr/bin/at
/usr/bin/mtr
/usr/bin/vfte
/usr/bin/fping
/usr/bin/sudo
/usr/bin/deliver

Even though this was done only on a limited set of packages, those installed
on my system, it is obvious which program doesn't follow suit.

[1] from unix_chkpwd(8) manual page:

SYNOPSIS
       <not invoked manually>

USAGE
       This  program  is  not  intended  to be called directly by
       users and will log to syslog if it  is  called  improperly
       (i.e., by some one trying exploit it).

-- 
Digital Electronic Being Intended for Assassination and Nullification
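
A more general form of the `find` comparison in the message above, as an added example that is not part of the original post: it matches any file with the setuid bit set rather than only the exact mode 4755, and labels each hit by whether it sits in an sbin directory. The names `audit_suid` and `make_sample_tree`, the root-prefix argument and the sample tree (including the file `helper`) are constructed for illustration; GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: list setuid files and flag the ones installed in sbin directories.
# audit_suid [ROOT] -- ROOT is an optional path prefix (hypothetical parameter) so the
# same check can be run against a chroot or a mounted image; empty means the live system.
audit_suid() {
    root="${1:-}"
    for dir in /sbin /usr/sbin /bin /usr/bin; do
        [ -d "$root$dir" ] || continue
        # -perm -4000 matches every mode that has the setuid bit (4755, 4711, 4750, ...);
        # -perm 4755 matches that one exact mode only.
        find "$root$dir" -type f -perm -4000 -print | sort | while IFS= read -r f; do
            mode=$(stat -c '%a' "$f")   # GNU stat (assumption)
            rel=${f#"$root"}            # report the path without the prefix
            case "$dir" in
                */sbin) echo "ADMIN-DIR $mode $rel" ;;
                *)      echo "USER-DIR  $mode $rel" ;;
            esac
        done
    done
}

# Constructed sample tree (not real system data) so the check can be run offline.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/sbin" "$t/usr/sbin" "$t/bin" "$t/usr/bin"
    for p in sbin/helper usr/sbin/traceroute bin/ping usr/bin/traceroute6 usr/bin/plain; do
        : > "$t/$p"
    done
    chmod 4755 "$t/usr/sbin/traceroute" "$t/bin/ping" "$t/usr/bin/traceroute6"
    chmod 4711 "$t/sbin/helper"     # setuid, but an exact-mode search for 4755 skips it
    chmod 0755 "$t/usr/bin/plain"   # no setuid bit, must not be reported
    echo "$t"
}

tree=$(make_sample_tree)
audit_suid "$tree"
rm -rf "$tree"
```

Called with no argument, `audit_suid` scans the live `/sbin`, `/usr/sbin`, `/bin` and `/usr/bin`; the `ADMIN-DIR` lines are the setuid programs installed where the FHS text quoted above expects administrator-only binaries.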


