On Mon, Aug 11, 2003 at 07:55:25PM -0500, Ed Wilts wrote:
> On Mon, Aug 11, 2003 at 07:44:59PM -0500, Benjamin J. Weiss wrote:
> > Okay, thanks!  Next question:  I ran that find command from the root
> > directory, and found thirty executables with that suid bit set.  Some I
> > can tell need it (sudo, suexec), some I think I can just delete (rlogin,
> > rsh, rcp), but there are some that I don't know why they have suid
> > (userisdnctl, etc).  Is there a place that has a recognized list of
> > files that *should* be suid?  Or do I need to check each man page for
> > each file that has that bit set?
> 
> man rpm
> 
> rpm has a verify option that will check the permissions on all the files
> that are installed.  If you changed permissions later, it will be
> flagged as different.
> 
> I run a regular rpmverify script to automatically go through every
> installed package and e-mail a report.  It's much less management than
> tripwire (although not quite as effective).  Let me know if you want the
> script.


If its not too long, Ed could you post it to the list?

I usually find just seeing good scripts to be educational.  And many
times I add them to my collection: "Pile O' Stuff Thats useful"


-- 
Jeff Kinz, Open-PC, Emergent Research,  Hudson, MA.  [EMAIL PROTECTED]
copyright 2003.  Use is restricted. Any use is an 
acceptance of the offer at http://www.kinz.org/policy.html.
Don't forget to change your password often.


-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list

Reply via email to