Hi list. This usually what I do to find it. find / -perm -4000 -o 2000 or if im crazy: for A in `find / -perm -4000`; do chmod -s $A;done -martin On Mon, 14 Jan 2002, BUNTER MATTHEW wrote: > --- Reçu de RVIDOI.BUNTERMA 04 72 96 57 77 14/01/02 09.28 --------------------------------------------------------------------------------------------------------------------------------- > > find / -type f -perm +6000 -ls > > Matt > > > ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Date: Mon, 14 Jan 2002 00:12:11 -0800 > Subject: Setuid?and?setgid?files (2) (?) > > Hi. > > I thought there is another 'easier' way to get a list of setuid and setgid. I think I read somewhere in the Internet on how to find files with setuid and setgid. By using 'find' or 'ls'. Can anyone tell me how ? > > > -----Original Message----- > > From: Patrick Duane Dunston [mailto:duane@sukkha.homeip.net] > > Sent: Wednesday, January 09, 2002, 4:06 AM > > To: security-discuss@linuxsecurity.com > > Subject: Re: Setuid and setgid files > > > > Hey, > > > > Remove the suid bit (chmod u-s) the following is true: (NN--not needed on > > servers, NW--not needed on workstations, YR -- your call. If no acronym > > then it is required. > > > > /usr/sbin/sendmail -- sending mail > > /usr/X11R6/bin/Xwrapper (NN) - you are using X and normal users will be > > using it as well. > > /usr/bin/crontab (NN)(NW)-- normal users can create cron entries > > /usr/bin/chage (YR)-- normal users can change their password aging > > feature. > > /usr/bin/gpasswd (YR)-- group users can change passwords > > /usr/bin/at (NN, NW) -- you are using this daemon to run scheduled tasks > > /usr/bin/gpg (YR) -- normal users can use encryption > > /usr/bin/suidperl(NN,NW) -- (I'm still not sure the purpose of this > > program) > > /usr/bin/sperl5.6.0 (NN,NW)-- (same as above) > > /usr/bin/passwd -- Required so normal users can change their password. > > /usr/bin/ssh -- required so normal users can initiate ssh connections > > /usr/bin/chfn (NN,NW) -- users can change their finger information > > /usr/bin/chsh (NN,NW) -- users can change their shell > > /usr/bin/newgrp (NN,NW)-- users can change to a new group. > > /usr/sbin/usernetctl (NN,NW)-- normal users change network interface > > information > > and bring them up or down > > /usr/sbin/traceroute (YR) -- normal users can perform traceroutes > > /usr/sbin/userhelper (YR depends on the above)-- gives users info on how > > to use features like chfn > > or chsh, etc. > > /bin/ping (NN) -- normal users can ping > > /bin/su (YR)-- normal users allowed to su in to root or other user > > accounts > > (provided the password is known) > > /bin/mount (NN)-- users can mount filesystems. > > /bin/umount (NN)-- users can unmount filesystems. > > /sbin/pwdb_chkpwd -- used to determine if the password typed is a strong > > password and not a dictionary word. > > /sbin/unix_chkpwd > > > > Regardless the ones that are okay are: passwd, unix_chkpwd, > > pwdb_chkpwd, sendmail, ssh, traceroute. This will depend on your setup > > however. > > > > Crap I am about late for work. I'll email back about sgids later unless > > someone else email first. Also, look up libsafe and install that. > > > > > > On Wed, 9 Jan 2002, BUNTER MATTHEW wrote: > > > > > --- Reçu de RVIDOI.BUNTERMA 04 72 96 57 77 09/01/02 09.37 > > > > > > All, > > > > > > Just joined yesterday so apologies if I am asking something that > > > has been covered recently. > > > > > > Trying to add a setuid/setgid section to a Linux security > > > standard. I would like some opinions as to which files can be left > > > with setuid and setgid and which should definitely NOT be left > > > setuid or setgid. > > > > > > I have been having a good crawl around the net for a while and can > > > find various links on how to identify and edit these types of > > > files but not which ones should be altered or left alone. I > > > already have the Solaris recommendations. > > > > > > This will have to cover both server and workstation > > > implementations. > > > > > > Thanks in advance, > > > > > > Matt > > > > > > ---- 09/01/02 09.37 ---- Envoyé à --------------------------- > > > -> SECURITY-DISCUSS(a)LINUXSECURITY.COM > > > ------------------------------------------------------------------------ > > > To unsubscribe email security-discuss-request@linuxsecurity.com > > > with "unsubscribe" in the subject of the message. > > > > > > > -- > > duane > > > > > > -- > > > > GnuPG Public Key: http://sukkha.homeip.net/pgp.html > > > > -- > > > > Fun reading: 8-) > > http://linuxtoday.com/search.php3?author=Duane:Dunston > > > > > > > > ------------------------------------------------------------------------ > > To unsubscribe email security-discuss-request@linuxsecurity.com > > with "unsubscribe" in the subject of the message. > > > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@linuxsecurity.com > with "unsubscribe" in the subject of the message. > > ---- 14/01/02 09.28 ---- Envoyé à ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > -> security-discuss(a)linuxsecurity.com > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@linuxsecurity.com > with "unsubscribe" in the subject of the message. > > ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
