Security :: Remove Access To MOST Of These SUID Binaries?

Mar 16, 2010

I say to remove access to MOST of these SUID binaries? Do they all need this power? What I want to do is minimize access just in case one of them gets an exploit (as I've already done for Apache suEXEC).

[Code]...


Security :: Remove The Suid Bits From All Programs?

Jan 20, 2010

I've searched the forum, but nothing answers my question. We know the security risk posed by suid, sgid. I'm looking to remove the suid bits from all programs that do not absolutely need it.

This command:
find / -type f \( -perm -04000 -o -perm -02000 \) -exec ls -lg {} \;
gave the list below.

For which of these programs can I safely remove the suid bit? I don't want to break my system by modifying a program that the system needs.

-r-sr-xr-x 1 bin 502172 Jan 10 12:36 /usr/local/bin/dccproc
-r-sr-xr-x 1 bin 186683 Jan 10 12:36 /usr/local/bin/cdcc
-r-s--x--x 1 root 23980 Nov 17 00:27 /usr/lib/virtualbox/VBoxNetDHCP
-r-s--x--x 1 root 9896 Nov 17 00:27 /usr/lib/virtualbox/VBoxNetAdpCtl
-r-s--x--x 1 root 23976 Nov 17 00:27 /usr/lib/virtualbox/VBoxSDL

[Code]...


Software :: Squid 3.0 Access List / Remove Redirect Statement From Iptables All Internet Access Is Blocked?

Jun 11, 2010

I have an old FC2 box running Squid version 2.5. It has been running since 2003 so I am in the process of replacing it. I have a new machine with FC11, iptables, and Squid 3.0 installed.

On the old machine I use iptables to intercept Port 80 traffic and send it to Squid. By default I block all internet access and allow only sites that are in an Allowed_Sites.txt file. Within Squid I also have statements to allow certain users to bypass Squid based on their IP address.

I have set up the same thing on the new box. I have iptables intercepting the Port 80 traffic and sending it to Squid. That is working because if I remove the redirect statement from iptables all internet access is blocked.

The problem I am having is that Squid is not blocking any websites. It acts like the ACL is set to http_access allow all. I have worked on this for several hours and am stumped.

These are my Squid rules:
acl allowed_sites url_regex "/etc/squid/Allowed_Sites.txt"
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow Bypass_Users
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src 192.168.1.0/24
http_access allow allowed_sites
http_access allow our_networks
http_access deny all
icp_access deny all
htcp_access deny all
http_port 192.168.1.254:3128 transparent
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname FC11.proxybox
icp_port 3130
coredump_dir /var/spool/squid


Fedora Security :: Remove Nagging Security Screen?

Oct 10, 2009

If I leave the computer running for a few minutes without doing anything on it, this screen appears demanding that I enter my password, otherwise I can't get back to Fedora. I understand the necessity for this security feature in a work environment, but I'm just a home user and this security screen is just a nagging problem I don't know how to get rid of.


Ubuntu :: SUID And 'permission Denied'?

Feb 3, 2010

I have just installed 9.10 netbook remix onto my Eeepc 901. I was previously using 9.4. Rather than clicking on shutdown icons, or going through shutdown menus, I added a keyboard shortcut to run a shell script containing the following code:

Code:
#!/bin/bash
init 0

Because init needs to be run as root to have the correct permissions, I set the owner and group to be root, ran chmod 711, then chmod u+s to prevent anyone altering the script, and to allow anyone to execute it with root privileges. Since updating to 9.10 netbook remix, I have been unable to get this to work. I have applied the above changes but get a "/bin/bash: /usr/bin/shutdownscript: permission denied" error when I try to run my shutdown script from the terminal (nothing happens when I press the key combination assigned to the keyboard shortcut). If I run the shutdown script with sudo then it neatly shuts down. ls reveals the following permissions: -rws--s--x 1 root root

So it appears as if SUID and SGID are both set, and the owner/group are correct, and the script works, and yet it doesn't have the permissions to work. I installed 9.4 long ago enough that I can't remember if I had to do anything else to get it working, or has something changed between 9.4 and 9.10?


General :: Execute Firefox As It's Own User ( SUID )?

Jun 8, 2010

I was wondering if it is possible to run a program such as Firefox or any other internet program as its own user (i.e. user firefox), but still in my desktop session. This way the program would have its own home folder and store all the data there, while I use it normally. I was trying to set the suid on the Firefox binaries but then it doesn't start at all.


General :: What Is Suid Or Nosuid And Would It Override Nfs Server

Apr 26, 2010

What is suid or nosuid and would it override nfs server? I really don't know what this all means. What's the difference?


Debian :: Suid And Writing Files Permissions In The ET Server?

Feb 22, 2010

I have tried to configure an Enemy Territory Server in a way that a common user could run it just by executing a command line. The first thing I did was write a script like this:

/usr/local/games/enemy-territory/etded +set dedicated 1 +set net_port 27960 +set fs_game etpub +set fs_homepath /usr/local/games/enemy-territory/27960 +set sv_punkbuster 1 +set +exec server.cfg +set +exec punkbuster.cfg  +set +exec bots.cfg

and then putting it in the /usr/local/bin directory. OK, things seem to be fine, but then I realized that the program tries to write some config and log files. I noticed that because some warnings appear in the command line, like "Couldn't write etconfig.cfg", whenever I run the command as a normal user. On the other hand, if I give write permission to these files, all the warnings disappear.
But I don't think it is a good way, because someone could change these files by hand, which would not be good.

My last try was to set the suid bit of the script, with the command chmod u+s /usr/local/bin/etded-server
But as I already knew that suid does not work well with shell scripts, I wrote a C source like this:

[Code]...


Networking :: Mounting Cifs As User - Permissions With SUID Bit?

Jan 11, 2010

I have looked at a LOT of forum posts and other sites trying to solve this problem but I have had no luck. I've seen the following: [URL].. I have an entry in my fstab that lets root mount a samba share on a Windows Server 2003 machine and gives users full read/write access to the share. The fstab entry looks like:

Code:
//servername.net/share /mnt/share cifs rw,user,umask=000,username=someuser,noauto,file_mode=0777,dir_mode=0777 0 0
However, when a normal user tries to mount the share they get one of two errors:
1. If I have /sbin/mount.cifs set to 777
Code:
mount error(1): Operation not permitted
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
2. If I have /sbin/mount.cifs set to +s

Code:
mount error: permission denied or not superuser and mount.cifs not installed SUID
Does anyone have any suggestions as to how I would go about getting a user able to mount this samba share?


Ubuntu Security :: Remove All Privileges From CWD?

Jan 21, 2010

I am on the admin account of my computer and am trying to remove all privileges from CWD. I have tried

chmod go-rwx ~
sudo chmod go-rwx ~

but when I pull up

ls -l ~

It is still showing permission in the g and o column.


Programming :: Suid Disabled From Running All Scripts Or Just From Running Them As Root ?

Sep 4, 2009

Is suid disabled from running all home made bash scripts or just from running them as root or:

Who would know for sure.

I googled several combinations of Mandriva Linux how-to suid disabled setUID etc. So far all I found was "many distributions are disabling suid for security reasons", nothing specific.


Ubuntu :: Add/Remove Not Under Applications - How To Access It

Jan 18, 2011

I have looked under Applications as well as System for the Add/Remove but it is not there. How else can I find it or access it?


Ubuntu Security :: Remove Authentication Completely From My Pc?

Jan 7, 2010

How can I remove authentication completely from my pc?
How can I edit the files present in the patrician filesystem?


Ubuntu Security :: Malware + MBR - How To Discover/remove

Feb 28, 2010

Can a virus survive a reformat, running bootrec /fixmbr (both from the install CD), and then installing Ubuntu? Reformat meaning from the windows disk recovery console, using the format command for all partitions. Likewise, would a virus be capable of surviving just the first two steps alone without installing Ubuntu, just re-installing windows?

If one were to have an MBR virus on Windows or Linux, how abouts would you find or remove it without doing an entire disk wipe? And before someone goes "Linux is immune" take into consideration vulnerabilities on the user end.


Ubuntu Security :: Remove String From All Files?

Oct 12, 2010

How can I remove this string from all files? I am not sure how it got there.

PHP Code:
<?php /**/eval(base64_decode('')); ?>

I tried this but it did not work.

PHP Code:

find . -iname *.php* -exec sed -i 's/<?php /**/eval(base64_decode('')); ?> //g' {} ;


Security :: Using Sed To Remove A Line From All Files In Directory

Jan 23, 2010

A JavaScript has crept into all my html, php files in my shared hosting account. I have SSH access. How can I use sed to remove that line from all files in a directory recursively? sed doesn't change the original file. And I need to specify *.php and *.html


CentOS 5 Networking :: Can Not Access Add / Remove Software

Sep 10, 2009

I try to go to Add/Remove Software but it always show this message. I didn't open any program.


Fedora Security :: Remove Encryption From An Hard Disk?

Feb 24, 2009

I was trying to install Fedora 9 on my new laptop that came with Win XP. I have selected the option to wipe out all partitions and create a default layout with the Encryption option selected. But that installation got stopped in the middle, therefore I have started the installation again. This time it asked for the encryption password as expected but, I don't know why, it's not accepting my password. I am 100% sure that the password is correct but it is not allowing me to enter into the hard disk partition section.

My question is, how do I remove encryption from my hard disk? I don't need to preserve the data, I just need to use my hard disk again. Is there any boot CD that allows us to format encrypted disks without prompting for a password?


Ubuntu Security :: Remove Delete Permissions On Certain Folders?

Feb 8, 2010

I have an Ubuntu file server with a mix of 30+ users (mix of Windows and Linux). All are members of the same group. All need read, write, create access. I want to prevent deletion of certain key folders. How can I achieve this? sudo chmod -R nnnn ??


Ubuntu Security :: Found LKL And Can't Remove - Isn't Showing Up In Synaptic

Apr 7, 2010

I found LKL on my computer. I need to remove it. It isn't showing up in Synaptic and I can't figure out how to remove it. sudo apt-get remove lkl tells me this: E: Couldn't find package lkl. I can't find it with the search and with Google.


Ubuntu Security :: Remove Home Folder Encryption?

May 3, 2010

When I installed, I selected the option to encrypt my home folder. I believe this is causing constant crashes now, since error message is user id/password related. Is there a way to remove the encryption?


Ubuntu Security :: Remove The Whole Disk Encryption Without Reinstalling?

Jul 31, 2010

Is there any way to remove the whole disk encryption without reinstalling? I'm running Ubuntu 10.04.


Ubuntu Security :: Remove 'sudo' Via The Software Center?

Jul 10, 2011

I've installed Ubuntu via UNetbootin from USB on my child's computer. It comes by default with the sudo command which I find really annoying to work with. I'd rather have my su command.

Now, while googling for a removal instruction, I've read that the sudo command is tied to system functions on some Ubuntu live systems and can't be removed easily. Does anyone know if this applies to the 10.04 live version used by UNetbootin and how to work around this problem?

If not, is it simply enough to remove 'sudo' via the software center? I find many tutorials on how to switch from su to sudo but not much about the other way around.


Security :: Remove Script Injection From .php And .html Files?

Mar 19, 2010

Our client accounts were recently injected with the following script, and since there are too many files that were injected (only index.php and index.html), how can this script be traced with a search command and removed in all files found?

[Code].....


Fedora :: Yum - Cannot Access Mirror Sites But Add/Remove Software

Mar 9, 2011

I'd like to ask a question on installing software.

I cannot install software using "yum" but I can with the GUI program "Add/Remove Software".

For example, I tried:

It will exhaust all the mirror sites without success.

All the error messages look like:

But I can install "screen.i686" easily from the "Add/Remove Software" GUI and it is very fast.

However, what's puzzling is that I could install some certain packages although I still see the same kind of error messages.

For example,

will work. But in general, "yum" is running very slow and is rejected at every mirror sites.

My settings: I just installed "Fedora 14" (Linux 2.6.35.11-83.fc14.i686) as a virtual machine (using VirtualBox) on a Windows XP (Professional, SP3) host on my laptop (CPU: Intel Core2 Duo), which accesses internet through a HTTP Proxy server since it is behind a corporate firewall.


OpenSUSE Network :: Can't Access To Install/Remove Software

Feb 15, 2011

Can't access to Install/Remove Software. I'm getting an error

Download failed:
File '/repodata/repomd.xml' not found on medium 'http://download.opensuse.org/repositories/server:/database:/postgresql:/9.0/openSUSE_11.3/'
History:
- [AbstractCommand.cc:224] URI=http://download.opensuse.org/repositories/server:/database:/postgresql:/9.0/openSUSE_11.3/repodata/repomd.xml

[Code].....

Is it something important or I can just remove it from the repository list?


Ubuntu :: 32 Bit Binaries On A 64 Bit Computer?

May 15, 2010

I am running Ubuntu 64-bit and I downloaded a 32-bit binary. I tried to run it in the shell using ./file but zsh said that it did not exist. However it shows up in nautilus and ls. Is this supposed to happen?


Ubuntu :: Cannot Run Binaries From Console

May 24, 2010

After upgrading to Lucid I can compile but not run binaries from the console. I have build-essentials installed. When I try to run a compiled program I get this error:
bash: .: ./main: cannot execute binary file


Software :: 32 Bit Binaries Do Not Run On 64 Bit Machine?

Feb 22, 2011

I'm trying to debug why I cannot run any java on my RHEL 5 box. Right now I'm just trying to run an example .jar file I got from

[URL]

I'm not a java developer, just an end-user.

[xxxxx@xxxxx Desktop]$ cat /etc/redhat-release
Red Hat Enterprise Linux Client release 5.4 (Tikanga)
[xxxxx@xxxxx Desktop]$ uname -a

[code]....


Software :: Gcc / G++ Binaries Available For Download?

Apr 13, 2010

Are there gcc and g++ binaries available for download anywhere? I can only seem to find sources, which I can't get to build (trying to upgrade to a newer compiler).
