Setuid

Differences between revisions 7 and 8
Revision 7 as of 2007-10-31 17:54:15
Size: 625
Editor: office4
Comment: Adding mtr. It looks good.
Revision 8 as of 2007-10-31 21:21:39
Size: 805
Editor: office4
Comment: Added mount
Deletions are marked like this. Additions are marked like this.
Line 4: Line 4:
|| iputils || /bin/ping, /bin/ping6, /bin/arping || yes || possible || UNKNOWN || || || iputils || /bin/ping, /bin/ping6, /bin/arping, /usr/bin/traceroute6.iputils || yes || possible || UNKNOWN || ||
Line 7: Line 7:
|| util-linux || /bin/mount, /bin/umount || needed || no || n/a || Checks: if (getuid () != geteuid ()). Should check for CAP_SYS_ADMIN capability||

This is a list of setuid applications that need investigation. See the [https://lists.ubuntu.com/archives/ubuntu-hardened/2007-October/000217.html mailinglist post] about this for more information.

Source Package Name

setuid Files

De-rooted

Capabilities

Changes Sent Upstream

Comments

iputils

/bin/ping, /bin/ping6, /bin/arping, /usr/bin/traceroute6.iputils

yes

possible

UNKNOWN

fping

/bin/fping

needed

no

Checks: if ( geteuid() ) {... exit(3); Will patch and send upstream -JeffSchroeder

mtr

/usr/bin/mtr

yes

possible

n/a

n/a

util-linux

/bin/mount, /bin/umount

needed

no

n/a

Checks: if (getuid () != geteuid ()). Should check for CAP_SYS_ADMIN capability

Security/Investigation/Setuid (last edited 2013-07-23 07:07:01 by 74)