plasmid
10-22-2000, 11:58 PM
I was doing some reading over at linuxdoc.org on security, and they said to beware of files that were suid/guid. I used a find command with some parameters that were supposed to list every file that was suid/guid. The list I recieved concerned me because some of those files are games (e.g /usr/bin/gnome-xbill) should I be concerned of any of theses???
Here is the list I got:
/usr/X11R6/bin/xload
/usr/X11R6/bin/imwheel
/usr/X11R6/bin/imwheel-solo
/usr/X11R6/bin/xlock
/usr/X11R6/bin/Xwrapper
/usr/X11R6/bin/xterm
/usr/X11R6/bin/XFree86
/usr/X11R6/bin/xhextris
/usr/bin/chage
/usr/bin/gpasswd
/usr/bin/man
/usr/bin/lockfile
/usr/bin/procmail
/usr/bin/crontab
/usr/bin/wall
/usr/bin/passwd
/usr/bin/chfn
/usr/bin/chsh
/usr/bin/newgrp
/usr/bin/write
/usr/bin/at
/usr/bin/lpq
/usr/bin/lpr
/usr/bin/lprm
/usr/bin/sperl5.6.0
/usr/bin/suidperl
/usr/bin/kdesud
/usr/bin/kppp
/usr/bin/rcp
/usr/bin/rlogin
/usr/bin/rsh
/usr/bin/slocate
/usr/bin/dumpreg
/usr/bin/restorefont
/usr/bin/restorepalette
/usr/bin/restoretextmode
/usr/bin/urpmi
/usr/bin/GnomeScott
/usr/bin/ctali
/usr/bin/freecell
/usr/bin/gataxx
/usr/bin/glines
/usr/bin/gnibbles
/usr/bin/gnobots2
/usr/bin/gnome-stones
/usr/bin/gnome-xbill
/usr/bin/gnomine
/usr/bin/gnotravex
/usr/bin/gtali
/usr/bin/gturing
/usr/bin/iagno
/usr/bin/mahjongg
/usr/bin/same-gnome
/usr/bin/sol
/usr/bin/zgv
/usr/bin/inc
/usr/bin/atitv
/usr/bin/atitvout
/usr/bin/xatitv
/usr/bin/xatitvc
/usr/bin/xativ
/usr/bin/gnotski
/usr/lib/emacs/20.6/i386-mandrake-linux/movemail
/usr/lib/netscape/movemail
/usr/lib/xemacs-21.1.9/i386-mandrake-linux/movemail
/usr/sbin/utempter
/usr/sbin/usernetctl
/usr/sbin/lpc
/usr/sbin/sendmail
/usr/sbin/pppd
/usr/sbin/traceroute
/usr/sbin/gnome-pty-helper
/usr/sbin/userhelper
/usr/libexec/pt_chown
/bin/mount
/bin/umount
/bin/su /bin/ping
/sbin/netreport
/sbin/pwdb_chkpwd
/sbin/unix_chkpwd
let me know if I should panic over any of these
-plasmid
Here is the list I got:
/usr/X11R6/bin/xload
/usr/X11R6/bin/imwheel
/usr/X11R6/bin/imwheel-solo
/usr/X11R6/bin/xlock
/usr/X11R6/bin/Xwrapper
/usr/X11R6/bin/xterm
/usr/X11R6/bin/XFree86
/usr/X11R6/bin/xhextris
/usr/bin/chage
/usr/bin/gpasswd
/usr/bin/man
/usr/bin/lockfile
/usr/bin/procmail
/usr/bin/crontab
/usr/bin/wall
/usr/bin/passwd
/usr/bin/chfn
/usr/bin/chsh
/usr/bin/newgrp
/usr/bin/write
/usr/bin/at
/usr/bin/lpq
/usr/bin/lpr
/usr/bin/lprm
/usr/bin/sperl5.6.0
/usr/bin/suidperl
/usr/bin/kdesud
/usr/bin/kppp
/usr/bin/rcp
/usr/bin/rlogin
/usr/bin/rsh
/usr/bin/slocate
/usr/bin/dumpreg
/usr/bin/restorefont
/usr/bin/restorepalette
/usr/bin/restoretextmode
/usr/bin/urpmi
/usr/bin/GnomeScott
/usr/bin/ctali
/usr/bin/freecell
/usr/bin/gataxx
/usr/bin/glines
/usr/bin/gnibbles
/usr/bin/gnobots2
/usr/bin/gnome-stones
/usr/bin/gnome-xbill
/usr/bin/gnomine
/usr/bin/gnotravex
/usr/bin/gtali
/usr/bin/gturing
/usr/bin/iagno
/usr/bin/mahjongg
/usr/bin/same-gnome
/usr/bin/sol
/usr/bin/zgv
/usr/bin/inc
/usr/bin/atitv
/usr/bin/atitvout
/usr/bin/xatitv
/usr/bin/xatitvc
/usr/bin/xativ
/usr/bin/gnotski
/usr/lib/emacs/20.6/i386-mandrake-linux/movemail
/usr/lib/netscape/movemail
/usr/lib/xemacs-21.1.9/i386-mandrake-linux/movemail
/usr/sbin/utempter
/usr/sbin/usernetctl
/usr/sbin/lpc
/usr/sbin/sendmail
/usr/sbin/pppd
/usr/sbin/traceroute
/usr/sbin/gnome-pty-helper
/usr/sbin/userhelper
/usr/libexec/pt_chown
/bin/mount
/bin/umount
/bin/su /bin/ping
/sbin/netreport
/sbin/pwdb_chkpwd
/sbin/unix_chkpwd
let me know if I should panic over any of these
-plasmid