suid/sgid programy

Peter Rosa prosa at pro.sk
Tue Jun 15 08:00:45 CEST 2004

Previous message: suid/sgid programy
Next message: suid/sgid programy
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Zdravim vsetkych,

a chcel by som doplnit otazku o nasledovne:

ako je to s suid/sgid programami na stroji, ktory je urceny VYHRADNE pre
jedneho uzivatela - gateway/firewall.
root sa prihlasuje z konzoly a reg. uzivatel (jediny) sa tiez moze prihlasit
iba z konzoly a jediny krok, ktory urobi je su -.

Su tu potrebne programy, ktore maju nastaveny suid/sgid bit ? Alebo ich
pokojne mozeme mazat/chmod ?

Peter Rosa


> Hello users-l,
>
>   zajimalo by me vice o tom, proc potrebuji nektere programy byt
>   suid/sgid? jak zjistim proc jsou tak nastaveny a jak zjistim, ktere
>   mohu odstranit, kdyz bych je nemusel pouzivat?
>
>   docetl jsem se toto, ale nevim, jestli by to byla dobra cesta :)
>
> One strategy is to remove the set-id bits from all files, then selectively
add them back to just a few programs that need to be run by non-root users.
The following commands will remove the set-uid and set-gid bit from all
files, then add it back to su and the shared lib PAM version of the passwd
command:
>
> find / -perm -4000 -type f -exec chmod u-s {} \;
> find / -perm -2000 -type f -exec
> chmod g-s {} \;
> chmod u+s
> /usr/bin/su
> chmod u+s
> /usr/bin/passwd
>
> diky za tipy a odkazy
>
> -- 
> Best regards,
>  Jiri                          mailto:jiri.b at sendmail.cz
>
> -- 
> FreeBSD mailing list (users-l at freebsd.cz)
> http://www.freebsd.cz/listserv/listinfo/users-l
>
>

Previous message: suid/sgid programy
Next message: suid/sgid programy
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list