SUID and SGID security concern

akonstam at trinity.edu akonstam at trinity.edu
Tue Nov 8 14:31:04 UTC 2005


On Tue, Nov 08, 2005 at 09:39:44AM -0400, Aron Levy wrote:
> 
> Hi good morning,
> 
> I got some questions about the SUID and SGID attributes. I'm running a 
> web server with Apache and FC3, and I was asked to eliminate this 
> attributes to the files that don't need them to work properly.
> 
> Certainly, the list of files that use these attributes is not short, and 
> i'm not sure which one of those can work without them. I'm not pasting 
> the list here, but I can do it if you want.
> 
> If anyone can give me some advise on this matter i'll be very thankful.
> 
> Thanks in advance!
> 
> Aron L.
This is confusing. SUID is not needed on any file that does not need
to run with root privileges or SGID with root group priviledges.
You don't need to post all the files but I can't quite see what files need
these privilidges on a web server. Could you give us and example?
-------------------------------------------
Aaron Konstam
Computer Science
Trinity University
telephone: (210)-999-7484




More information about the fedora-list mailing list