Net-Security.org: Suid programs, getting to the root of the problem | Linux Today

Net-Security.org: Suid programs, getting to the root of the problem

Written By
Web Webster
Web Webster
Oct 16, 2000

[ Thanks to LogError for this link.
]

“Here we go again. There are still some little touches left to
make your linux even a bit more secure, involving suid, nouser,
sudo and etc. Now, this article is also newbie friendly, but also
it requires some small amount of knowledge. Fear not, for I shall
explain everything as painfully as I can. So sit back, grab
yourself your favorite drink, some peanuts and relax. 3,2,1…”

“As I have written in my previous article “Securing a default
Linux distribution”… there’s no such thing as an absolute
security. Now that you’re aware of this let’s discuss suid. Yes,
the suid, wich stands for ‘Set-user-ID’ root programs. As
you can guess these programs run as root regardless of who is
executing them. The reason suid programs are so dangerous is that
interaction with the untrusted user begins before the program is
even started.
There are many other ways to confuse the
program, using things like environment variables, signals, or
anything you want. Exactly this ‘confusion’ of a program is a cause
of frequent buffer overflows. More than 50 % of all major security
bugs leading to releases of security advisors are accounted to suid
programs. And some distributions are shipped with hundreds of these
suid programs, most of which you’ll probably never use. Of course
there are few wich are neccessary, in order that normal user might
perform operations wich are normally done by root. Now let’s get to
the root of the problem…”

“How can you find out about the suid programs on your system:
the thing to do is to get a list of all suid programs on your
system and start the boring task of going through them.
Unfortunately, I can’t tell you here wich you need, might need or
don’t need. But, again, fear not for logic is your best friend
here. Just browse through the list of all suid programs, and find
those that you use, sometimes or frequently or never use. But, I
must warn you, the list could be looooong.”

Complete
Story

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.