ProLiant Servers - Netservers

1824812 Members

5731 Online

109674 Solutions

SUID settings on RedHat Linux with Proliant Support Pack

I'm trying to lock down the rights on a Redhat Linux DL380.

As a policy we turn off SUID bits on all files except for /bin/passwd and a few other special files. As you may know, this prevents potentially dangerous processes to be initiated that have the permissions of the owner of the file.

When we find all files with permissions of +4000, we get:

/usr/bin/passwd (which is OK)

but also a ton of files like:

/var/spool/compaq/hpasm/registry/stdeq/serial.2
/var/spool/compaq/hpasm/registry/stdeq/usbPort.1
/var/spool/compaq/hpasm/registry/stdeq/usbPort.2
/var/spool/compaq/hpasm/registry/stdeq/usbPort.3
/var/spool/compaq/hpasm/registry/stdeq/pcislot.0.0
/var/spool/compaq/hpasm/registry/stdeq/pcifunc.0.0.0
/var/spool/compaq/hpasm/registry/stdeq/pcislot.0.2
/var/spool/compaq/hpasm/registry/stdeq/pcifunc.0.2.0
/var/spool/compaq/hpasm/registry/stdeq/pcislot.0.6
/var/spool/compaq/hpasm/registry/stdeq/pcifunc.0.6.0
/var/spool/compaq/hpasm/registry/stdeq/pcislot.0.29
/var/spool/compaq/hpasm/registry/stdeq/pcifunc.0.29.0
...
...
/var/spool/compaq/hpasm/registry/scsi/scsilist
/opt/hp/hpsmh/data/cgi-bin/vcagent/cgi

Which are not OK because of the security issue.

So I turned off SUId permission with:

chmod u-s /var/spool/compaq/hpasm/registry/stdeq/*

but after a reboot all the SUID settings have reverted back to their insecure level.

Is there a justification for leaving this SUID bit set on all these files? It seems like a security issue to me.

And how do I permanently turn off this setting? Thanks.

-tom

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

SUID settings on RedHat Linux with Proliant Support Pack

SUID settings on RedHat Linux with Proliant Support Pack