Re: setuid programms
On Mon, 19 Jan 1998, Andreas Jellinghaus wrote:
> can someone please tell me, why are these programs setuid :
Sure.
> rcp rlogin rsh
So that network connections can originate from a low-numbered port,
on the theory that this ensures that the user which the client purports
to be bears some resemblence to the client's user ID on the client
system. This is unfortunately typical of the silly assumptions
which underly the "r" series of tools, which in turn are the main
reasons why their use is deprecated.
> ssh
Similar reasoning, although unlike the "r" series, this one can be
safely un-suid'd, and I think that it should be so.
> man mandb
Man is suid or sgid as the user "man" so that the man program can manage
uncompressed roff files and perform other maintenance functions
in the man dirs. Fairly reasonable.
> fdmount fdformat
Presumably so that users can modify /dev/fd0.
> write
Ability to write to other users' ttys, an ability which I think
unsafe. I've been told that one can do nasty ANSI terminal
tricks, such as remapping "enter" to "exit" and worse. Ask your
local IRC bunny for tales of how dangerous this is; mention
"flashing" to him. Agian, I have no first-hand experience.
> login
Actually, why is this suid? Should it ever be run by anyone other
than root?
> /usr/lib/mc/bin/cons.saver
Root-specific console ioctls, or something?
> maybe each package, that comes with setuid programs should have an
> explanation why xxx is setuid in it's readme.debian ?
Some sort of record of suid-ness would be nice. They should be
periodically reviewed to ensure that the suid-ness is necessary.
--
Todd Graham Lewis Manager of Web Engineering (800) 719-4664, x2804
******Linux****** MindSpring Enterprises tlewis@mindspring.net
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: