Our security group wants us to turn off setuid for all programs or document why it's there.
Well... sounds like you need a new security team....
Not a bad idea to document why they're all there though. The good news... you have the source... could take a while. Try mailing the authors/maintainers and seeing if they can help expedite the process.
SLES 7 seems to have the following: mount ping umount at chage chfn chsh crontab gpasswd rlogin rcp rsh sendmail traceroute
SLES 8 has all the above except for rcp rlogin rsh sendmail & traceroute
Is everything going to fall apart if I change them? Or can anyone point out why these programs need it so I can justify it to them? Thanks!
Does make one wonder why similar issues aren't raised with Windows though. Especially when you consider things like the way backup software works.... smells like a witch hunt to me.
Marcy Cortes Wells Fargo Services Company
