Which commands (in /bin & /usr/bin) must have set user ID (for root)
Doug Gwyn
gwyn at brl-smoke.ARPA
Wed Oct 22 02:15:59 AEST 1986
In article <32 at popeye.UUCP> sherm at popeye.UUCP (62545456-Paul A. Sherman;LZ 3E-303;6316) writes:
>I think that /etc should remain mode 775, group sys, as distributed.
Please note that, from a security standpoint, this has given any "sys" group
member (or set-gid "sys" process) super-user access if it chooses to exploit it.
Also note that "ps" need not have write permission on /etc in order to rewrite
/etc/ps_data. (If so desired, the file could be locked during rewrite so that
concurrent "ps"es wouldn't trip over each other.)
More information about the Comp.unix.wizards
mailing list