Recent Changes - Search:

Softwares

.

SecuringANewLinuxServer

Main.SecuringANewLinuxServer History

Hide minor edits - Show changes to output

April 25, 2009, at 04:45 PM by 118.95.7.226 -
Added lines 1-3:
(:Google1:)
(:Googlemm:)
----
Added lines 39-41:

----
(:Googletxt:)
March 16, 2007, at 12:01 PM by 210.18.59.46 -
Changed lines 1-2 from:
%blue%Locate and Remove SUID/SGID's SUID (set user ID) or a SGID (set group ID) program is one that allows an ordinary user to execute it with elevated privileges.
to:
%blue%'''Locate and Remove SUID/SGID's SUID (set user ID) or a SGID (set group ID) program is one that allows an ordinary user to execute it with elevated privileges'''.
Changed lines 7-8 from:
*Sets the user ID bit on the file "myfile". The command:
to:
*'''Sets the user ID bit on the file "myfile". The command:'''
Changed lines 18-19 from:
*To set the sticky bit in a directory, do the following:
to:
*'''To set the sticky bit in a directory, do the following:'''
March 16, 2007, at 12:00 PM by 210.18.59.46 -
Added lines 1-35:
%blue%Locate and Remove SUID/SGID's SUID (set user ID) or a SGID (set group ID) program is one that allows an ordinary user to execute it with elevated privileges.

chmod +s myfile

The SUID/SGID bit can be removed with, for example, chmod -s

*Sets the user ID bit on the file "myfile". The command:

chmod g+s myfile

%green%STICKY DIRECTORIES
When the sticky bit is set on a directory, files in that directory may
be unlinked or renamed only by root or their owner. Without the
sticky bit, anyone able to write to the directory can delete or rename
files. The sticky bit is commonly found on directories, such as /tmp,
that are world-writable.

*To set the sticky bit in a directory, do the following:

chmod +t d/tmp


[root@wordsworth /]# find / -perm -4000
/bin/ping6
/bin/umount
/bin/traceroute6
/bin/mount
/bin/traceroute
/bin/ping
/bin/su

[root@wordsworth /]# ll /bin/ping
-rwsr-xr-x 1 root root 33272 May 4 2006 /bin/ping

Check '''-rwsr-xr-x'''
Edit - History - Print - Recent Changes - Search
Page last modified on April 25, 2009, at 04:45 PM