* [gentoo-doc-cvs] cvs commit: shb-perms.xml
@ 2006-09-16 20:48 Xavier Neys
0 siblings, 0 replies; 2+ messages in thread
From: Xavier Neys @ 2006-09-16 20:48 UTC (permalink / raw
To: gentoo-doc-cvs
neysx 06/09/16 20:48:37
Modified: shb-perms.xml
Log:
#147760 join lines
Revision Changes Path
1.2 xml/htdocs/doc/en/security/shb-perms.xml
file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/shb-perms.xml?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/shb-perms.xml?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/shb-perms.xml?r1=1.1&r2=1.2
Index: shb-perms.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/shb-perms.xml,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- shb-perms.xml 1 Jun 2005 15:43:47 -0000 1.1
+++ shb-perms.xml 16 Sep 2006 20:48:37 -0000 1.2
@@ -1,5 +1,5 @@
<?xml version='1.0' encoding='UTF-8'?>
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/shb-perms.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/shb-perms.xml,v 1.2 2006/09/16 20:48:37 neysx Exp $ -->
<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
<!-- The content of this document is licensed under the CC-BY-SA license -->
@@ -30,10 +30,8 @@
<body>
<pre caption="Finding world-writable files and directories">
-# <i>/usr/bin/find / -type f \( -perm -2 -o -perm -20 \) \
- -exec ls -lg {} \; 2>/dev/null >writable.txt</i>
-# <i>/usr/bin/find / -type d \( -perm -2 -o -perm -20 \) \
- -exec ls -ldg {} \; 2>/dev/null >>writable.txt</i>
+# <i>find / -type f \( -perm -2 -o -perm -20 \) -exec ls -lg {} \; 2>/dev/null >writable.txt</i>
+# <i>find / -type d \( -perm -2 -o -perm -20 \) -exec ls -ldg {} \; 2>/dev/null >>writable.txt</i>
</pre>
<p>
@@ -62,8 +60,7 @@
</p>
<pre caption="Finding setuid files">
-# <i>/usr/bin/find / -type f \( -perm -004000 -o -perm -002000 \) \
- -exec ls -lg {} \; 2>/dev/null >suidfiles.txt</i>
+# <i>find / -type f \( -perm -004000 -o -perm -002000 \) -exec ls -lg {} \; 2>/dev/null >suidfiles.txt</i>
</pre>
<p>
@@ -95,15 +92,15 @@
<p>
By default Gentoo Linux does not have a lot of SUID files (though this depends
-on what you installed), but you might get a list like the one above. Most of the
-commands should not be used by normal users, only root. Switch off the SUID bit
-on <c>ping</c>, <c>mount</c>, <c>umount</c>, <c>chfn</c>, <c>chsh</c>, <c>newgrp</c>, <c>suidperl</c>, <c>pt_chown</c>
-and <c>traceroute</c> by executing <c>chmod -s</c> on every file. Don't
-remove the bit on <c>su</c>, <c>qmail-queue</c> or <c>unix_chkpwd</c>. Removing
-setuid from those files will prevent you from <c>su</c>'ing and receiving
-mail. By removing the bit (where it is safe to do so) you remove the possibility
-of a normal user (or an attacker) gaining root access through any of these
-files.
+on what you installed), but you might get a list like the one above. Most of
+the commands should not be used by normal users, only root. Switch off the SUID
+bit on <c>ping</c>, <c>mount</c>, <c>umount</c>, <c>chfn</c>, <c>chsh</c>,
+<c>newgrp</c>, <c>suidperl</c>, <c>pt_chown</c> and <c>traceroute</c> by
+executing <c>chmod -s</c> on every file. Don't remove the bit on <c>su</c>,
+<c>qmail-queue</c> or <c>unix_chkpwd</c>. Removing setuid from those files will
+prevent you from <c>su</c>'ing and receiving mail. By removing the bit (where
+it is safe to do so) you remove the possibility of a normal user (or an
+attacker) gaining root access through any of these files.
</p>
<p>
@@ -112,6 +109,7 @@
But if you are running X, you might have some more, since X needs the elevated
access afforded by SUID.
</p>
+
</body>
</section>
<section>
--
gentoo-doc-cvs@gentoo.org mailing list
^ permalink raw reply [flat|nested] 2+ messages in thread
* [gentoo-doc-cvs] cvs commit: shb-perms.xml
@ 2006-09-16 20:52 Xavier Neys
0 siblings, 0 replies; 2+ messages in thread
From: Xavier Neys @ 2006-09-16 20:52 UTC (permalink / raw
To: gentoo-doc-cvs
neysx 06/09/16 20:52:02
Modified: shb-perms.xml
Log:
#147760 and bump
Revision Changes Path
1.3 xml/htdocs/doc/en/security/shb-perms.xml
file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/shb-perms.xml?rev=1.3&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/shb-perms.xml?rev=1.3&content-type=text/plain
diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/security/shb-perms.xml?r1=1.2&r2=1.3
Index: shb-perms.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/shb-perms.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- shb-perms.xml 16 Sep 2006 20:48:37 -0000 1.2
+++ shb-perms.xml 16 Sep 2006 20:52:02 -0000 1.3
@@ -1,5 +1,5 @@
<?xml version='1.0' encoding='UTF-8'?>
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/shb-perms.xml,v 1.2 2006/09/16 20:48:37 neysx Exp $ -->
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/security/shb-perms.xml,v 1.3 2006/09/16 20:52:02 neysx Exp $ -->
<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
<!-- The content of this document is licensed under the CC-BY-SA license -->
@@ -7,8 +7,8 @@
<sections>
-<version>1.0</version>
-<date>2005-05-31</date>
+<version>1.1</version>
+<date>2006-09-16</date>
<section>
<title>World readable</title>
--
gentoo-doc-cvs@gentoo.org mailing list
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-09-16 20:51 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-16 20:48 [gentoo-doc-cvs] cvs commit: shb-perms.xml Xavier Neys
-- strict thread matches above, loose matches on Subject: below --
2006-09-16 20:52 Xavier Neys
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox