Quote:
Originally posted by TheFLY
What does the "s" mean here...? Do I change this with chmod?
This is a directory...
drwxr-sr-x 2 thefly thefly
|
+s is suid ... for example, if an executable file is +s and owned by root it will get executed with root permissions. For example /bin/passwd needs to be suid root since it writes to /etc/passwd. Only root can normaly do that .. but to give normal users the abillity to change their passwords, unix solves it by having it +s (and owned by root)
Suid files are the ones hackers use to get root localy once they're in your system with shellaccess. Every suidfile is a potential securityhole so if you dont need the functionallity it provides I suggest You remove as many suid-files as you can...
Find them with:
Code:
find / -type f \( -perm -4000 -o -perm -2000 \) -exec ls -ld '{}' \;
You just remove the suid flag with "chmod -s file".