Re: Bug#27050 (fdutils): A cause for security concern?
Ben Collins wrote:
> Any program that is suid or sgid for no reason what-so-ever is always a
> reason for a bug report, especially if it's suid root...we need some
> automatic catch for new packages that have suid or sgid binaries in
> them, or call suidregister.
Lintian can serve as a check for the former case. See
http://master.debian.org/~dark/lintian/reports/Tsetuid-binary.html
I don't think it handles suidmanager yet.
--
see shy jo
Reply to: