---

Home Security

Security Portal: Shredding Access in the Name of Security: Set UID Audits

By

Almost every time I read an article on securing a
Unix/Linux box, I find a glaring omission. They all discuss turning
off unneeded services, like ftp and telnet, but rarely do they
cover the next step of performing a SUID audit. Just as most
services are a danger because they often run as root, SUID root
programs always run as root. The danger here is that if someone
obtains an account on your computer, legitimately or otherwise,
SUID root programs present them a potential means for grabbing root
access.”

“In this article, I’ll introduce Linux/Unix file permissions,
root privilege and the SUID path to root. Then I’ll help you run a
SUID audit on your system, using Red Hat 6.2 as an example. While
Bastille Linux also runs an audit, there are some really great
concepts and practices here for your everyday use; furthermore, you
have more options doing this manually. Let’s start by discussing
Unix/Linux file permissions.”

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.