On Mon, Aug 11, 2003 at 07:55:25PM -0500, Ed Wilts wrote: > On Mon, Aug 11, 2003 at 07:44:59PM -0500, Benjamin J. Weiss wrote: > > Okay, thanks! Next question: I ran that find command from the root > > directory, and found thirty executables with that suid bit set. Some I > > can tell need it (sudo, suexec), some I think I can just delete (rlogin, > > rsh, rcp), but there are some that I don't know why they have suid > > (userisdnctl, etc). Is there a place that has a recognized list of > > files that *should* be suid? Or do I need to check each man page for > > each file that has that bit set? > > man rpm > > rpm has a verify option that will check the permissions on all the files > that are installed. If you changed permissions later, it will be > flagged as different. > > I run a regular rpmverify script to automatically go through every > installed package and e-mail a report. It's much less management than > tripwire (although not quite as effective). Let me know if you want the > script.
If its not too long, Ed could you post it to the list? I usually find just seeing good scripts to be educational. And many times I add them to my collection: "Pile O' Stuff Thats useful" -- Jeff Kinz, Open-PC, Emergent Research, Hudson, MA. [EMAIL PROTECTED] copyright 2003. Use is restricted. Any use is an acceptance of the offer at http://www.kinz.org/policy.html. Don't forget to change your password often. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list