Jun 13, 2007

Hack 2 Scan for SUID and SGID Programs

Quickly check for potential root-exploitable programs and backdoors.
What is SUID? SUID stands for set user ID. When a SUID file is executed, the process that runs it is granted access to system resources based on the user who owns the file, not the user who created the process.
What is SGID? SGID stands for set group ID. SGID files behave much the same as SUID files, and a file must be executable for the bit to have any effect.
Scanning systems for SUID and SGID binaries
# find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -la {} \;
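
A single scan lists every SUID/SGID file, including the ones the distribution ships; spotting a backdoor is easier when the scan is compared against a saved list. The script below is an added example, not part of the original post: it wraps the same find expression, and the function names scan_setid and new_setid and the baseline/check usage are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: baseline-and-compare wrapper around the find scan above.
# scan_setid, new_setid and the baseline/check usage are hypothetical names.

# List every SUID or SGID regular file under $1, one path per line, sorted.
# Permission errors (e.g. under /proc) are discarded.
scan_setid() {
    find "$1" \( -perm -4000 -o -perm -2000 \) -type f -print 2>/dev/null |
        LC_ALL=C sort
}

# Print paths that are SUID/SGID under $1 now but are not listed in the
# baseline file $2 (a file previously written by scan_setid).
new_setid() {
    current=$(mktemp) || return 1
    scan_setid "$1" > "$current"
    LC_ALL=C comm -13 "$2" "$current"
    rm -f "$current"
}

# Usage:  script baseline ROOT FILE   - record the current state
#         script check    ROOT FILE   - show files added since the baseline
case "${1:-}" in
    baseline) scan_setid "$2" > "$3" ;;
    check)
        new_setid "$2" "$3" | while IFS= read -r f; do
            ls -ld "$f"
        done ;;
esac
```

Keep the baseline file somewhere the scanned host cannot modify, since anyone with root on that host can edit a locally stored list.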
