Hello all, I have run harden_suse on my box, and answered "yes" to all its prompts. The following files are still suid/sgid: do all of them need to be? TIA Corvin + -rwsr-x--- 1 root audio 14880 Mar 22 05:34 /bin/eject + -rwsr-xr-x 1 root root 67236 Mar 22 03:51 /bin/mount + -rwsr-xr-x 1 root root 20908 Mar 22 03:52 /bin/ping + -rwsr-xr-x 1 root root 19636 Mar 22 04:04 /bin/ping6 + -rwsr-xr-x 1 root root 22594 Mar 22 03:51 /bin/su + -rwsr-xr-x 1 root root 34568 Mar 22 03:51 /bin/umount + -rwxr-sr-x 1 root shadow 10967 Mar 23 02:26 /opt/kde2/bin/kcheckpass + -rwxr-sr-x 1 root nogroup 82968 Mar 23 02:26 /opt/kde2/bin/kdesud + -rwxr-sr-x 1 root tty 3772 Mar 23 02:26 /opt/kde2/bin/konsole + -rwsr-xr-x 1 root root 5344 Mar 23 02:26 /opt/kde2/bin/konsole_grantpty + -rwsr-x--- 1 root trusted 15501 Mar 22 05:34 /sbin/cardctl + -rwxr-sr-x 1 root shadow 20261 Mar 22 03:50 /sbin/unix_chkpwd + -rws--x--x 1 root root 1773168 Mar 22 04:08 /usr/X11R6/bin/XFree86 + -rwsr-xr-x 1 root root 7560 Mar 22 04:08 /usr/X11R6/bin/Xwrapper + -rwxr-sr-x 1 root tty 95456 Mar 22 04:10 /usr/X11R6/bin/wterm + -rwxr-sr-x 1 root shadow 1119648 Mar 22 04:10 /usr/X11R6/bin/xlock + -rwxr-sr-x 1 root tty 276828 Mar 23 02:14 /usr/X11R6/bin/xterm + -rwsr-x--- 1 root trusted 35868 Mar 22 05:34 /usr/bin/at + -rwsr-x--- 1 root trusted 27032 Mar 22 05:34 /usr/bin/bing + -rwsr-xr-x 1 root shadow 34460 Mar 22 04:46 /usr/bin/chage + -rwsr-xr-x 1 root shadow 28184 Mar 22 04:46 /usr/bin/chfn + -rwsr-xr-x 1 root shadow 26000 Mar 22 04:46 /usr/bin/chsh + -rwsr-x--- 1 root trusted 22560 Mar 22 05:34 /usr/bin/crontab + -rwsr-xr-x 1 root shadow 18360 Mar 22 04:46 /usr/bin/expiry + -rwsr-x--- 1 root trusted 37076 Mar 22 05:34 /usr/bin/gpasswd + -rwsr-xr-x 1 man root 92512 Mar 22 03:50 /usr/bin/man + -rwsr-xr-x 1 root root 21432 Mar 22 03:51 /usr/bin/newgrp + -rwsr-xr-x 1 root shadow 26780 Mar 22 03:51 /usr/bin/passwd + -rwsr-xr-x 1 root root 15544 Mar 22 03:52 /usr/bin/rcp + -rwsr-xr-x 1 root root 11160 Mar 22 03:52 /usr/bin/rlogin + -rwsr-xr-x 1 root root 8304 Mar 22 03:52 /usr/bin/rsh + -rwsr-xr-x 1 root root 85432 Mar 22 03:53 /usr/bin/sudo + -rwsr-x--- 1 root trusted 8856 Mar 22 05:34 /usr/bin/ziptool + -rwsr-xr-x 1 root root 5856 Mar 22 03:50 /usr/lib/pt_chown + -rwxr-sr-x 1 root maildrop 77277 Mar 24 00:06 /usr/sbin/postdrop + -rwsr-s--- 1 root dialout 176288 Mar 22 05:34 /usr/sbin/pppd + -rwsr-s--- 1 root dialout 5324 Mar 23 02:40 /usr/sbin/pppoedsp + -rwsr-xr-x 1 root root 20408 Mar 22 04:04 /usr/sbin/traceroute -- Corvin Russell <corvinr@sympatico.ca>