Re: Simple question about setuid bits

Subject: Re: Simple question about setuid bits
gus@nist.gov
Date: Wed Jun 27 2001 - 11:31:49 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Chris Pepper: "YDL 2.0 missing 2.2 kernel-headers?"
• Previous message: Jason McIntosh: "Re: Simple question about setuid bits"
• In reply to: Dr. David Sterling: "Simple question about setuid bits"
• Reply: gus@nist.gov: "Re: Simple question about setuid bits"

I don't think you should have the setuid bit set for telnet and ftp.
Setting the setuid bit for any programs can lead to severe security
issues!
'telnet' and 'ftp' don't have the setuid bit set on my configuration and
it works like a charm. The problem is coming from you name resolution
configuration.

Guillaume.

On 26 Jun, Dr. David Sterling wrote:
> Hi, I have a simple question that's been nagging at me for the better
> part of a week now.
>
> After some struggling, I managed to get PPP up and running with the
> 2.2.?? (default YDL 2.0) kernel, but now 'telnet' and 'ftp' report
> "Hostname lookup failed" unless I'm logged in as root. Given this I was
> surprised that 'ping' and 'ssh' seem to be able to resolve names just
> fine for all users. A quick inspection reveals the setuid bit is cleared
> on 'telnet' and 'ftp'
> while it is set for 'ssh' and 'ping'. In my state of 'newbie' befuddlement
> I'm left to wonder whether all internet clients should have the same
> permissions as 'ping', and if so, why didn't the installer (Developer
> install) do this?
>
> Any comments from those of you with more experience would be greatly
> appreciated.
>
> Thanks in advance,
>
> David

• Next message: Chris Pepper: "YDL 2.0 missing 2.2 kernel-headers?"
• Previous message: Jason McIntosh: "Re: Simple question about setuid bits"
• In reply to: Dr. David Sterling: "Simple question about setuid bits"
• Reply: gus@nist.gov: "Re: Simple question about setuid bits"

This archive was generated by hypermail 2a24 : Wed Jun 27 2001 - 10:37:05 MDT