Debian Planet








Welcome to Debian Planet

Search

Apt-get into it.
Main Menu

  • Home

  • Topics

  • Web Links

  • Your Account

  • Submit News

  • Stats

  • Top 10

  • Debian

    These are important Debian sites one should not be without!

  • Official Debian site

  • Package search

  • Mailing list archives

  • Bug reports

  • Debian on CD

  • Unofficial woody CD ISOs

  • Unofficial APT sources

  • Developers’ Corner

    Other great Debian news sources:

  • Debian Weekly News

  • Kernel Cousin Debian

    (Debian mailing lists digested)
  • Community Groups

    Need help? You’re not alone on this planet.

  • debianHELP

    (User support site)

  • Debian International

  • DebianForum.de

    (Deutsch)

  • EsDebian

    (español)

  • DebianWorld

    (français)

  • MaximumDebian

    (Italiano)

  • DebianUsers

    (Korean)

  • Debian-BR

    (Português)

  • IRC

    The place to get help on a Debian problem (after reading docs) or to just chat and chill is #debian on irc.debian.org.

    Many of the Debian Planet staff live there so pop by and say hello.

    Wanna write?

    Got that latest or greatest scoop? Perhaps you have some important news for the Debian community? Submit a news item!

    Or perhaps you’ve written a rather ground breaking insight into some aspect of Debian and you feel compelled to share it with others? Knock up a longer editorial article and send it to the editors.

    Sponsorship

    DP is sponsored by Xinit Systems and kieser.net.

    Domains paid for and hosted by uklinux.net.

    Buy your Debian merchandise at DebianShop.com.

    Who’s Online

    There are currently, 36 guest(s) and 2 member(s) that are online.

    You are Anonymous user. You can register for free by clicking here.

      
    Threshold


    The comments are owned by the poster. We aren’t responsible for their content.

    Re: Dangers of SUID Shell Scripts (Score: 3, Interesting)
    by Anonymous on Friday, June 01 @ 15:50:32 BST

    What is the policie for that ?

    [ Reply | Parent ]


    Re: Dangers of SUID Shell Scripts (Score: 5, Insighful)
    by takin on Saturday, June 02 @ 23:37:57 BST
    (User Info)

    I can’t comment on Debian SUID programs specifically, but SUID program are always targets… The same exploits that affect a SUID shell script can affect a SUID program. SUID script make it easier because you can see the script and because on many systems you just can’t make SUID scripts secure. However, IFS, PATH, user input, temp files, etc… can all be problems in SUID programs. SUID program also have the additional concerns of buffer overflows…

    Any program that is run SUID should be carefully written and evaluated. As part of hardening my systems, I go through and remove the SUID bit on all binaries that I don’t use just to eliminate the potention for a vulnerability…

    See Matt Bishops site http://seclab.cs.ucdavis.edu/~bishop/secprog.html for information on how to write or review a SUID program….

    Thomas

    [ Reply | Parent ]


    Based on: PHP-Nuke

    All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2000 by Debian Planet

    You can syndicate our news using the file backend.php.