[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] SUID bit - how do I set it?



>>>>> "Chris" == Chris J/#6 <sixie [at] nccnet.co.uk> writes:

    >> I'm installing GNUPG instead of PGP after my reinstall...it
    >> needs to be run with the SUID bit set for security.

    Chris> Wise choice ... seen the thread in sci.crypt (and other
    Chris> groups) - security hole in PGP v5 & 6. Zimmerman's
    Chris> acknowledged it and there's a CERT advisory out.

Not necessarily wise.  It depends (among other things) on the number
of eyes; PGP is probably still an order of magnitude more popular than
GPG.  Also, it's often true that these security holes work in somewhat
mutated form on related software, but the related software's
developers just say "glad that wasn't in MY backyard."

    >> How do I set it?
    >> 
    >> I'm assuming I'll be using the first digit of a 4 digit chmod
    >> (2644, 1644) - but so far I've only figured out how to use a 3
    >> digit (644, 666, 777 etc).

You may or may not want to use chmod directly.  For security auditing,
many distros set up a registry of set-id progs, and you may want to
use a distro-specific utility for this.

-- 
University of Tsukuba                Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences       Tel/fax: +81 (298) 53-5091
_________________  _________________  _________________  _________________
What are those straight lines for?  "XEmacs rules."
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.