suid
Hell All!
у меня на машине нашлись такие программы с суидным битом:
-rwxr-sr-x 1 tty 9816 Sep 20 2003 /usr/bin/wall
-rwsr-xr-x 1 root 22872 Jan 12 01:53 /usr/bin/newgrp
-rwxr-sr-x 1 shadow 34936 Jan 12 01:53 /usr/bin/chage
-rwsr-xr-x 1 root 28056 Jan 12 01:53 /usr/bin/chfn
-rwsr-xr-x 1 root 28088 Jan 12 01:53 /usr/bin/chsh
-rwxr-sr-x 1 shadow 16664 Jan 12 01:53 /usr/bin/expiry
-rwsr-xr-x 1 root 34872 Jan 12 01:53 /usr/bin/gpasswd
-rwsr-xr-x 1 root 26584 Jan 12 01:53 /usr/bin/passwd
-rwxr-sr-x 1 crontab 26872 Jan 20 00:40 /usr/bin/crontab
-rwxr-sr-x 1 mail 9260 Jun 2 2003 /usr/bin/dotlockfile
-rwxr-sr-x 1 ssh 57112 Jan 5 01:44 /usr/bin/ssh-agent
-rwsr-xr-x 1 root 18136 Oct 11 14:46 /usr/bin/traceroute.lbl
-rwsr-xr-x 1 root 11032 Nov 7 2001 /usr/bin/netselect
-rwxr-sr-x 1 mail 7852 Jan 6 18:57 /usr/bin/mutt_dotlock
-rwxr-sr-x 1 shadow 9944 Mar 30 2003 /usr/bin/vlock
-rwxr-sr-x 1 tty 7960 Feb 4 06:27 /usr/bin/bsd-write
-r-xr-sr-x 1 postdrop 7668 Dec 8 23:49 /usr/sbin/postdrop
-r-xr-sr-x 1 postdrop 8240 Dec 8 23:49 /usr/sbin/postqueue
-rwsr-xr-- 1 dip 224376 Mar 3 18:50 /usr/sbin/pppd
-rwsr-xr-- 1 dip 29128 Sep 16 2003 /usr/sbin/pppoe
-rwsr-xr-x 1 root 5604 Jan 20 19:29 /usr/lib/pt_chown
-rwsr-xr-x 1 root 89752 Dec 30 03:12 /usr/lib/man-db/mandb
-rwsr-xr-x 1 root 84600 Dec 30 03:12 /usr/lib/man-db/man
-rwsr-xr-x 1 root 130488 Jan 5 01:44 /usr/lib/ssh-keysign
-rwsr-xr-x 1 root 13312 Dec 17 17:02 /usr/lib/apache/suexec.disabled
-rwxr-s--- 1 shadow 7480 Dec 11 13:21 /usr/lib/squid/getpwnam_auth
-rwxr-s--- 1 shadow 10744 Dec 11 13:21 /usr/lib/squid/pam_auth
-rwsr-xr-x 1 root 13408 Dec 17 17:02 /usr/lib/apache-ssl/suexec.disabled
-r-sr-xr-x 1 root 15000 Jan 12 09:29 /sbin/unix_chkpwd
-rwsr-xr-x 1 root 35512 Jan 12 01:53 /bin/login
-rwsr-xr-x 1 root 23416 Jan 12 01:53 /bin/su
-rwsr-xr-x 1 root 76888 Sep 20 2003 /bin/mount
-rwsr-xr-x 1 root 39768 Sep 20 2003 /bin/umount
-rwsr-xr-x 1 root 15244 Nov 19 2001 /bin/ping
с каких из них можно безболезненно этот бит убрать?
--
Shilov Vladimir, shilov@energi.net.ua, #ICQ:287979785
Reply to:
- Follow-Ups:
- Re: suid
- From: "Victor B. Wagner" <vitus@45.free.net>
- Re: suid
- From: php-coder <php-coder@ngs.ru>