Timeline for How does command "pmount" work without "sudo"
Current License: CC BY-SA 3.0
6 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Aug 4, 2017 at 12:21 | comment | added | sebasth |
You can inspect executables /bin /usr/bin with ls -l to see if the setuid/setgid bits are set. If you want to find all files with setuid or setgid bit set you can do that using find eg. find / -perm /6000.
|
|
| Aug 4, 2017 at 10:38 | vote | accept | Hedayat Mahdipour | ||
| Aug 4, 2017 at 10:38 | comment | added | Hedayat Mahdipour | Thank you dear Andrew. How can I understand whether a command is a setuid binary or not? | |
| Aug 4, 2017 at 10:26 | comment | added | Andrew Henle |
@Hedayat Yes, setuid binaries can be used by attackers and decrease the security of the system. But without them, you wouldn't be able to do things like change your own password since your password is usually stored securely so normal users can't even read the storage. Some required actions on a system may only be done by setuid binaries - such as using the already-mentioned sudo to change to another user. If users need to do what pmount provides, you'll need to keep it. If they don't, yes you would make your system a bit more secure by removing the package.
|
|
| Aug 4, 2017 at 10:06 | comment | added | Hedayat Mahdipour | Then doesn't this decrease the security of the system? Should I remove "pmount" package and its dependeicnes? | |
| Aug 4, 2017 at 9:46 | history | answered | sebasth | CC BY-SA 3.0 |