22 Oct
2001
22 Oct
'01
09:45
Hi Bob! On Mon, 22 Oct 2001, Bob Vickers wrote:
Hello,
I was wondering: while SuSE are working on the fixes to these latest kernel problems is it sensible to remove suid privilege from newgrp? What functionality would be lost?
I realise that newgrp is not the culprit and that disabling it would not properly fix the problem, but it should be a useful protection against script kiddies.
Any suid program would quality for a try, if I understood corectly the advisory. A quite idea would be just to write a really simple kernel module to hook sys_ptrace to do nothing. Only root can add or remove modules, so a user cannot do much. How about that? -- teodor