Feature changed by: Marcus Meissner (msmeissn)
Feature #313210, revision 5
Title: get rid of all setuid binaries

openSUSE Distribution: Unconfirmed
Priority
Requester: Important
Requested by: Ludwig Nussel (lnussel)
Requested by: Security Team (secteam)
Partner organization: openSUSE.org

Description:
setuid binaries directly or indirectly cause a never-ending stream of security issues due to bugs in various components:
- the implementation of the binaries themselves (CVE-2011-2490, CVE-2011-1946, CVE-2011-1485, CVE-2011-2145, CVE-2011-1675, CVE-2010-4170, CVE-2009-2948)
- libraries linked into setuid binaries (CVE-2010-3853, CVE-2010-3316, CVE-2009-0360)
- glibc or the dynamic linker (CVE-2011-1658, CVE-2010-3847, CVE-2011-0536, CVE-2010-3192, CVE-2011-1089)
- the kernel (CVE-2012-0056, CVE-2011-1020, CVE-2010-2240, CVE-2010-0296, CVE-2009-2848)
Therefore we should strive to get rid of all setuid binaries and replace them with client/server implementations.

Discussion:
#1: Sebastian Freundt (hroptatyr) (2012-02-09 12:04:47)
What would a client/server implementation of ping(1) look like, then?

#2: Ned Ulbricht (ned_ulbricht) (2012-02-09 12:42:07)
su and sudo are kind of pointless unless setuid

+ #3: Marcus Meissner (msmeissn) (2012-02-09 03:49:03) (reply to #2)
+ su and sudo can both be replaced by
+ ssh root@localhost
+ (optionally with -X)
+ but these are probably way down the TODO list.

--
openSUSE Feature:
https://features.opensuse.org/313210
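The client/server pattern the description proposes as a replacement for setuid helpers, as an added example that is not part of the feature request and not openSUSE code. A privileged server listens on a Unix domain socket; an unprivileged client sends a one-line JSON request; the server learns who the caller is from the kernel (SO_PEERCRED, Linux-specific), applies a policy, performs the operation and replies. The request names ("whoami", "ping"), the allowed-uid policy and the simulated privileged step are all assumptions made for the demo; a real ping server would hold the raw ICMP socket (CAP_NET_RAW) and the client nothing at all.

```python
"""Privilege separation over a Unix socket in place of a setuid binary.
Added example, not code from the openSUSE feature page.  Linux only
(SO_PEERCRED).  Run it: python3 privsep.py
"""
import json
import os
import re
import socket
import struct
import tempfile
import threading

# Constructed policy: uids allowed to use "ping".  A real deployment would
# consult a group; using the current uid lets the demo run unprivileged.
PING_ALLOWED_UIDS = {os.getuid()}
HOST_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")  # hostname / IPv4 literal


def peer_credentials(conn):
    """(pid, uid, gid) of the peer as filled in by the kernel (struct ucred).
    This is the only caller identity the server trusts; anything the client
    writes into the request body is untrusted data."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize("3i"))
    return struct.unpack("3i", raw)


def handle_request(req, creds):
    """Policy check and dispatch over a closed list of operations."""
    pid, uid, gid = creds
    op = req.get("op")
    if op == "whoami":
        # Any "uid" the client claimed in req is deliberately ignored.
        return {"ok": True, "pid": pid, "uid": uid, "gid": gid}
    if op == "ping":
        if uid not in PING_ALLOWED_UIDS:
            return {"ok": False, "error": "uid %d not permitted" % uid}
        host = req.get("host")
        if not isinstance(host, str) or not HOST_RE.match(host):
            return {"ok": False, "error": "invalid host"}
        # Stand-in for the privileged step (raw ICMP socket); simulated so
        # the example runs anywhere without CAP_NET_RAW.
        return {"ok": True, "host": host, "simulated": True}
    return {"ok": False, "error": "unknown op"}


def serve_one(listener):
    """Accept one connection and answer one JSON-line request."""
    conn, _ = listener.accept()
    with conn, conn.makefile("rb") as rd:
        creds = peer_credentials(conn)
        try:
            req = json.loads(rd.readline(65536))
            if not isinstance(req, dict):
                raise ValueError("not an object")
        except ValueError:
            reply = {"ok": False, "error": "malformed request"}
        else:
            reply = handle_request(req, creds)
        conn.sendall(json.dumps(reply).encode() + b"\n")


def start_server(path):
    """Bind the socket and serve in a background thread; returns a stop()."""
    listener = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    listener.bind(path)
    os.chmod(path, 0o666)      # anyone may connect; policy is per request
    listener.listen(8)
    listener.settimeout(0.2)   # lets the loop notice stop()
    stop = threading.Event()

    def loop():
        while not stop.is_set():
            try:
                serve_one(listener)
            except socket.timeout:
                pass
        listener.close()

    threading.Thread(target=loop, daemon=True).start()
    return stop.set


def client_request(path, req):
    """Unprivileged side: one JSON line out, one JSON line back."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(path)
        s.sendall(json.dumps(req).encode() + b"\n")
        with s.makefile("rb") as rd:
            return json.loads(rd.readline(65536))


def demo():
    """Server and client in one process; returns the four replies in order."""
    tmp = tempfile.mkdtemp()
    path = os.path.join(tmp, "privsep.sock")
    stop = start_server(path)
    try:
        return [client_request(path, r) for r in (
            {"op": "whoami", "uid": 0},             # forged identity
            {"op": "ping", "host": "localhost"},
            {"op": "ping", "host": "x; rm -rf /"},  # injection attempt
            {"op": "reboot"},                       # not in the op list
        )]
    finally:
        stop()
        os.unlink(path)
        os.rmdir(tmp)


if __name__ == "__main__":
    for reply in demo():
        print(reply)
```

The point of the split is where the trust boundary sits: the server parses a small, fixed protocol, takes the caller's identity from the kernel rather than from the message, validates every argument before touching anything privileged, and refuses everything else. The client, its libraries and the loader that starts it run with the user's own privileges, so the classes of bugs listed in the description stop being privilege escalations.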