On Mon, Aug 11, 2003 at 07:44:59PM -0500, Benjamin J. Weiss wrote: > Okay, thanks! Next question: I ran that find command from the root > directory, and found thirty executables with that suid bit set. Some I > can tell need it (sudo, suexec), some I think I can just delete (rlogin, > rsh, rcp), but there are some that I don't know why they have suid > (userisdnctl, etc). Is there a place that has a recognized list of > files that *should* be suid? Or do I need to check each man page for > each file that has that bit set?
man rpm rpm has a verify option that will check the permissions on all the files that are installed. If you changed permissions later, it will be flagged as different. I run a regular rpmverify script to automatically go through every installed package and e-mail a report. It's much less management than tripwire (although not quite as effective). Let me know if you want the script. -- Ed Wilts, Mounds View, MN, USA mailto:[EMAIL PROTECTED] Member #1, Red Hat Community Ambassador Program -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
