Softwares ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() |
Main /
SecuringANewLinuxServer
Locate and Remove SUID/SGID's SUID (set user ID) or a SGID (set group ID) program is one that allows an ordinary user to execute it with elevated privileges. chmod +s myfile The SUID/SGID bit can be removed with, for example, chmod -s
chmod g+s myfile STICKY DIRECTORIES When the sticky bit is set on a directory, files in that directory may be unlinked or renamed only by root or their owner. Without the sticky bit, anyone able to write to the directory can delete or rename files. The sticky bit is commonly found on directories, such as /tmp, that are world-writable.
chmod +t d/tmp [root@wordsworth /]# find / -perm -4000 /bin/ping6 /bin/umount /bin/traceroute6 /bin/mount /bin/traceroute /bin/ping /bin/su [root@wordsworth /]# ll /bin/ping -rwsr-xr-x 1 root root 33272 May 4 2006 /bin/ping Check -rwsr-xr-x
|