Subject: Re: NetBSD 1.5.2 default configuration
To: Wojciech Bojdol <wojboj@htcon.pl>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: tech-security
Date: 02/03/2002 15:05:15
On Sun, Feb 03, 2002 at 02:41:44PM +0100, Wojciech Bojdol wrote:
> > > But only administrator or operator should do that.
> > Why ?
> 
> Why would they have to look at an unmounted filesystem, like e.g. a floppy?

Forget about it, I was thinking of user mounts and such. In this case the
user already has access to the device, so no need to suid.

> 
> > You don't secure a system by removing suid bits, but by removing binaries that
> > you don't need, and checking permissions on the ones that you left.
> > This can't be done in a generic way, it depends on the application.
> 
> Yes, I know, rm -Rf / is the best way to make a system secure... :)
> What files are you talking about?
> gcc?

All the ones you don't need (e.g. pppd if you're not running pppd).

> Files with suid bits are dangerous, because they can be exploited if there
> are bugs in them, or just by using a bug in signal handling on some systems.

Just because a program is suid doesn't give you instant root, especially if it's
not suid root.
For most programs we're talking about, these are sgid, not suid.

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
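An added example, not part of this thread or of NetBSD: a POSIX shell audit that lists the set-id executables under a directory and separates suid-root from suid-to-another-user and sgid, the distinction the reply above draws when it says most of these binaries are sgid rather than suid root. It assumes only `find` and `ls`, and that `ls -ld` prints the mode string, owner and group as fields 1, 3 and 4.

```shell
#!/bin/sh
# Audit helper (hypothetical, not a NetBSD tool): print one line per set-id
# file under $1 in the form "CLASS MODE OWNER GROUP PATH", where CLASS is
# suid-root, suid-<owner>, sgid-<group>, or a combination joined by '+'.
classify_setid() {
    dir=$1
    # -perm -4000 = setuid bit set, -perm -2000 = setgid bit set.
    # Errors (unreadable directories) are silenced; run as root for a full view.
    find "$dir" -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r f; do
        # Field 1 is the mode string (e.g. -rwsr-xr-x), 3 the owner, 4 the group.
        set -- $(ls -ld "$f")
        mode=$1; owner=$3; group=$4
        class=""
        # 4th character is 's' (or 'S' when not executable) when setuid is set.
        case $mode in
            ???[sS]*)
                if [ "$owner" = root ]; then class=suid-root
                else class="suid-$owner"; fi ;;
        esac
        # 7th character is 's'/'S' when setgid is set.
        case $mode in
            ??????[sS]*) class="${class:+$class+}sgid-$group" ;;
        esac
        printf '%s %s %s %s %s\n' "$class" "$mode" "$owner" "$group" "$f"
    done
}

# Count how many set-id files under $1 are suid root, the ones that matter most.
count_suid_root() {
    classify_setid "$1" | grep -c '^suid-root'
}

# Usage: sh audit_setid.sh /usr
if [ -n "${1-}" ]; then
    classify_setid "$1"
    printf 'suid-root files: %s\n' "$(count_suid_root "$1")"
fi
```

Each line from `classify_setid` is one binary to justify or remove; the sgid-only entries are the ones the reply says make up most of the list.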