Date: Tue, 30 Mar 1999 02:02:24 -0500 (EST) From: "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu> To: freebsd-security@freebsd.org Subject: Curious about 'hoststat' Message-ID: <Pine.SOL.3.96L.990330015216.2230A-100000@unix8.andrew.cmu.edu>
next in thread | raw e-mail | index | archive | help
Well, I am going through a FreeBSD machine and removing the suid bits on programs that have no purpose having them for a simple user host machine. Going through /var/log/setuid.today and changing the permissions on the programs seems like a good idea until I got to 'hoststat'. -r-sr-xr-x 5 root wheel 290016 Feb 15 05:45:23 1999 /usr/bin/hoststat I usually go through the man pages for a program that has a suid bit by default to make sure no user actually could have a use for it. Only this doesn't have a man page. A keyword search turns up nothing. Running it does seemingly nothing. It intrigues me that a progam could be suid 0 by default and not have any documentation on it. While the experienced person might just CVS the source, deduce the meaning of it from the code, some of us don't have the experience or time to do so. I was just thinking if there isn't sufficient documentation on the program, should it be installed suid 0 by default? [-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-] Harry M. Leitzell - Harry_M_Leitzell@cmu.edu Carnegie Mellon University Finger for PGP Public Key [-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.3.96L.990330015216.2230A-100000>