[PLUG] [Updates]PLUG meeting on 6th Oct. at 5pm @SICSR
Arun Khan
knura9 at gmail.com
Thu Oct 11 13:19:57 IST 2012
On Sun, Oct 7, 2012 at 10:20 AM, Sunil Beta Baskar <betasam at gmail.com> wrote:
... snip ...
> [ SetUID bit ]
> Behavior on linux-kernel 3.2.x with
> $ chmod a+s somefolder
> $ ls -ltr somefolder
> shows all files inside somefolder with their original rights and
> *owners* on ext4. This is on Debian Wheezy.
>
> Although the setUID bit is still used, it is not recommended if you
> want to have any sense of security on a system.
Per your recommendation about usage of SetUID bit, please suggest
alternatives for the following that come to my mind offhand (I :
$ for x in sudo X chsh passwd; do ls -l $(which ${x}); done
-rwsr-xr-x 1 root root 71248 Jan 31 2012 /usr/bin/sudo
-rwsr-sr-x 1 root root 10184 Mar 22 2012 /usr/bin/X
-rwsr-xr-x 1 root root 37096 Apr 9 2012 /usr/bin/chsh
-rwsr-xr-x 1 root root 42824 Apr 9 2012 /usr/bin/passwd
-- Arun Khan
More information about the Plug-mail
mailing list