Re: Setuid and setgid files

Hi,

> /usr/bin/suidperl(NN,NW) -- (I'm still not sure the purpose of this
> program)
> /usr/bin/sperl5.6.0 (NN,NW)-- (same as above)

suidperl is used on systems where you can't set the suid bit on *scripts*;
calling a script with this interpreter is the same as setting it u+s. Older
versions of perl ( < 5.6.1) had serious security problems with suidperl, so
it's a good idea to remove the suid bit.

> /usr/bin/ssh -- required so normal users can initiate ssh connections

You only need the suid bit set on the ssh client if you are using .rhosts
authentication, because it needs to bind a port < 1024 to make sure you really
are who you say you are (to the server), like the old rlogin/rsh
protocol. It's safe to remove the suid bit too.

>
> /bin/su (YR)-- normal users allowed to su in to root or other user
> accounts
> (provided the password is known)

Also, it's a good idea to restrict its execute permission to only a few trusted
people, changing its group and setting its permission to 4750.


Italo.
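
The changes discussed in this message, as an added shell example that is not part of the original post: it lists setuid/setgid files, clears the bits where they are not needed, and applies the 4750 restriction to su. It assumes GNU find and stat; the function names, the scratch directory and the use of the caller's own primary group as the trusted group are assumptions for illustration.

```shell
#!/bin/sh
# Added example; the files below are constructed stand-ins in a scratch
# directory, not the real system binaries.

# list_suid DIR: print "mode owner:group path" for every setuid or setgid
# regular file under DIR, staying on one filesystem.
list_suid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec stat -c '%a %U:%G %n' {} + 2>/dev/null
}

# drop_suid FILE: clear the setuid and setgid bits, keep the other bits.
drop_suid() {
    chmod u-s,g-s "$1"
}

# restrict_su FILE GROUP: keep setuid, but let only the owner and members of
# GROUP execute FILE (mode 4750). chgrp runs first because changing ownership
# can clear the setuid bit, so the mode is set last.
restrict_su() {
    chgrp "$2" "$1" && chmod 4750 "$1"
}

# mode_of FILE: octal permission bits of FILE.
mode_of() {
    stat -c '%a' "$1"
}

# Demo on constructed files named after the binaries in the thread.
demo_dir=$(mktemp -d)
for f in suidperl ssh su; do
    : > "$demo_dir/$f"
    chmod 4755 "$demo_dir/$f"
done

echo "before:"; list_suid "$demo_dir"
drop_suid "$demo_dir/suidperl"            # suid not needed
drop_suid "$demo_dir/ssh"                 # only needed for .rhosts authentication
restrict_su "$demo_dir/su" "$(id -g)"     # stand-in for a trusted group
echo "after:";  list_suid "$demo_dir"
rm -rf "$demo_dir"
```

On a real system, run list_suid against / as root and pass restrict_su the group that holds the trusted users.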

