[ubuntu-hardened] Removing SUID on binaries that don't need it

Jeff Schroeder jeffschroed at gmail.com
Fri Nov 30 00:08:08 GMT 2007


On Nov 29, 2007 3:24 PM, John Richard Moser <nigelenki at comcast.net> wrote:
>   - You can if you're root
>
>   - Nobody cares, you're root already
>
>   - If you're using SELinux, it shouldn't let you ptrace across contexts
>
>   - If you can, somebody needs to fix your policy
>
>   - You have no caps to drop if you're not root (via SUID or other)
>
> I think that covers about everything.  There's a lot of "well this
> situation lets you get away with it" that ends something like "... but
> you own the box already anyway."

The point of this discussion was whether or not we should investigate
removing suid bits from binaries that don't need them, not how to write
better software.

Stripping suid might prevent that 1 case where buggy code, or some new
class of exploit that comes out (hello dangling pointers!), allows an
attacker to gain root.

-- 
Jeff Schroeder

Don't drink and derive, alcohol and analysis don't mix.
http://www.digitalprognosis.com


