Re: Setuid programs on SLES 7 8

2004-01-06 Thread McKown, John
, or taking any action based on it, is strictly prohibited. -Original Message- From: Marcy Cortes [mailto:[EMAIL PROTECTED] Sent: Monday, January 05, 2004 6:50 PM To: [EMAIL PROTECTED] Subject: Re: Setuid programs on SLES 7 8 Thanks all for your answers. I'm wondering about them

Setuid programs on SLES 7 8

2004-01-05 Thread Marcy Cortes
Our security group wants us to turn off setuid for all programs or document why it's there. SLES 7 seems to have the following: mount ping umount at chage chfn chsh crontab gpasswd rlogin rcp rsh sendmail traceroute SLES 8 has all the above except for rcp rlogin rsh sendmail traceroute Is

Re: Setuid programs on SLES 7 8

2004-01-05 Thread Guillaume Morin
Dans un message du 05 jan ` 11:59, Marcy Cortes icrivait : SLES 7 seems to have the following: mount ping umount at chage chfn chsh crontab gpasswd rlogin rcp rsh sendmail traceroute SLES 8 has all the above except for rcp rlogin rsh sendmail traceroute Is everything going to fall apart

Re: Setuid programs on SLES 7 8

2004-01-05 Thread Post, Mark K
are setuid in the first place. It's not like developers through that in just for the fun of it. Mark Post -Original Message- From: Marcy Cortes [mailto:[EMAIL PROTECTED] Sent: Monday, January 05, 2004 2:59 PM To: [EMAIL PROTECTED] Subject: Setuid programs on SLES 7 8 Our security group

Re: Setuid programs on SLES 7 8

2004-01-05 Thread Adam Thornton
On Mon, 2004-01-05 at 13:59, Marcy Cortes wrote: Our security group wants us to turn off setuid for all programs or document why it's there. SLES 7 seems to have the following: mount ping umount at chage chfn chsh crontab gpasswd rlogin rcp rsh sendmail traceroute SLES 8 has all the above

Re: Setuid programs on SLES 7 8

2004-01-05 Thread Post, Mark K
sed -e 's/through/throw/' Sigh. Mondays. Mark Post -Original Message- From: Post, Mark K Sent: Monday, January 05, 2004 3:17 PM To: 'Linux on 390 Port' Subject: RE: Setuid programs on SLES 7 8 Guillaume has already documented some of these. I just want to urge you to completely

Re: Setuid programs on SLES 7 8

2004-01-05 Thread Joe Poole
On Monday 05 January 2004 15:48, you wrote: sed -e 's/through/throw/' Sigh. Mondays. Mark Post We knew what you meant.

Re: Setuid programs on SLES 7 8

2004-01-05 Thread Chris Cox
Marcy Cortes wrote: Our security group wants us to turn off setuid for all programs or document why it's there. Well... sounds like you need a new security team Not a bad idea to document why they're all there though. The good news... you have the source... could take a while. Try mailing the

Re: Setuid programs on SLES 7 8

2004-01-05 Thread Marcy Cortes
Thanks all for your answers. I'm wondering about them too, but I think it's a case of clerks and checklists not any real concerns. Thanks again. Marcy Cortes Wells Fargo Services Company

Re: Setuid programs on SLES 7 8

2004-01-05 Thread Alan Cox
On Llu, 2004-01-05 at 20:12, Adam Thornton wrote: rsh, rcp, rlogin: I don't really know why they need to be setuid, but you don't want them on your system anyway. Use ssh instead. It can do everything those can, and it provides a secure transport to do it. BSD unix people had this idea that