Old 01-17-2008, 05:32 AM
julien Touche
 
hpux 11i v2 & suid/sgid files


i'm looking to test a more secure configuration on a dedicated box.

i'm looking for advice on which files must be kept as is, and which
need not be. the box will only have admin users, with sudo configured
for access to the main tools.

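+ find / -type f -a ( -perm -u+s -o -perm -g+s ) -print0 -o ! -type d -a ! -type f -a ! -type l -a ! -type s -a ! -type p -print0
+ xargs -0 ls -ldg
+ egrep -v (/dev/)
+ sort +8
(ls -g leaves out the owner, so the name column below is the group, not the user a setuid file runs as)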
---s--x--x 2 root 176128 Jun 22 2005 /opt/iexpress/sudo/bin/sudo
---s--x--x 2 root 176128 Jun 22 2005 /opt/iexpress/sudo/bin/sudoedit
-r-s------ 1 bin 446464 Apr 1 2005 /sbin/passwd
-r-sr-sr-t 1 mail 1339392 Jul 26 15:34 /usr/sbin/sendmail
-r-sr-xr-x 1 bin 45056 Aug 3 2005 /usr/bin/su
-r-sr-xr-x 1 bin 36864 Mar 31 2005 /usr/bin/crontab
-r-sr-xr-x 1 bin 49152 Aug 27 2004 /usr/sbin/ping
-r-sr-xr-x 1 bin 73728 Apr 17 10:31 /usr/bin/lp
-r-sr-xr-x 5 bin 61440 Jan 21 2005 /usr/bin/passwd
-r-xr-sr-x 1 sys 77824 Aug 27 2004 /usr/bin/netstat
=> OK classic

-r-sr-xr-x 1 bin 86016 Apr 17 10:31 /usr/bin/lpstat
-r-sr-xr-x 1 bin 73728 Apr 17 10:31 /usr/bin/cancel
=> keep it or sudo

-r-sr-sr-x 1 bin 413696 Mar 11 2004 /usr/lbin/chgpt
-r-sr-sr-x 1 daemon 2617344 Sep 3 2003 /usr/bin/kermit
-r-sr-sr-x 1 mail 61440 Aug 27 2004 /usr/bin/mail
-r-sr-sr-x 1 mail 61440 Mar 11 2004 /usr/bin/rmail
-r-sr-sr-x 1 sys 32768 Sep 3 2003 /usr/dt/bin/dtaction
-r-sr-sr-x 1 sys 303104 Jun 12 2004 /usr/bin/X11/hpterm
-r-sr-x--- 1 hpsmc 1462272 Mar 10 15:08 /opt/hpsmc/common/bin/hpsconfig
-r-sr-x--- 1 hpsmc 1880064 Mar 10 15:08 /opt/hpsmc/common/bin/hpssidgen
-r-sr-x--- 1 hpsmh 33020 Mar 21 19:17 /opt/hpsmh/lbin/smhrun
-r-sr-x--- 1 hpsmh 49404 Mar 21 19:17 /opt/hpsmh/lbin/smhauth
-r-sr-x--- 1 hpsmh 217340 Mar 21 19:16 /opt/hpsmh/lbin/smhstart
-r-sr-x--- 1 ids 102400 Dec 9 2005 /opt/ids/lbin/idssysdsp
-r-sr-x--- 1 ids 323584 Dec 9 2005 /opt/ids/lbin/updaterc
-r-sr-xr-- 1 lp 69632 Apr 17 10:31 /usr/sbin/rlp
-r-sr-xr-x 1 bin 12288 Sep 3 2003 /usr/sbin/keyenvoy
-r-sr-xr-x 1 bin 16384 Jul 26 2004 /usr/sam/lbin/rsam
-r-sr-xr-x 1 bin 24576 Mar 11 2004 /usr/lbin/protect_pty
-r-sr-xr-x 1 bin 24576 Sep 3 2003 /usr/bin/slp
-r-sr-xr-x 1 bin 24576 Sep 3 2003 /usr/sbin/acct/accton
-r-sr-xr-x 1 bin 24576 Sep 3 2003 /usr/tsm/sys/tsm.root
-r-sr-xr-x 1 bin 28672 Apr 17 10:31 /usr/lbin/rwrite
-r-sr-xr-x 1 bin 28672 Mar 11 2004 /usr/bin/newgrp
-r-sr-xr-x 1 bin 28672 Sep 3 2003 /usr/old/usr/bin/uuname
-r-sr-xr-x 1 bin 28672 Sep 3 2003 /usr/tsm/sys/tsm.utmp
-r-sr-xr-x 1 bin 32768 Oct 27 2005 /usr/bin/rexec
-r-sr-xr-x 1 bin 32768 Sep 3 2003 /usr/old/usr/bin/uuls
-r-sr-xr-x 1 bin 32768 Sep 3 2003 /usr/old/usr/bin/uusnap
-r-sr-xr-x 1 bin 40960 May 19 2005 /usr/bin/bdf
-r-sr-xr-x 1 bin 45056 Jan 25 2005 /usr/bin/nfsstat
-r-sr-xr-x 1 bin 49152 Aug 27 2004 /usr/sbin/arp
-r-sr-xr-x 1 bin 49152 Sep 3 2003 /usr/dt/bin/dtappgather
-r-sr-xr-x 1 bin 49152 Sep 3 2003 /usr/lbin/uucp/uusched
-r-sr-xr-x 1 bin 53248 Oct 27 2005 /usr/bin/remsh
-r-sr-xr-x 1 bin 53248 Sep 3 2003 /usr/lbin/uucp/uusub
-r-sr-xr-x 1 bin 57016 Jul 30 2004 /opt/dce/bin/ep_scavenger
-r-sr-xr-x 1 bin 57344 Mar 11 2004 /usr/bin/mediainit
-r-sr-xr-x 1 bin 57344 Sep 3 2003 /usr/bin/cu
-r-sr-xr-x 1 bin 57344 Sep 3 2003 /usr/lbin/uucp/uuclean
-r-sr-xr-x 1 bin 61440 Apr 17 10:31 /usr/bin/enable
-r-sr-xr-x 1 bin 61440 Apr 17 10:31 /usr/sbin/accept
-r-sr-xr-x 1 bin 61440 Apr 17 10:31 /usr/sbin/lpfence
-r-sr-xr-x 1 bin 61440 Apr 17 10:31 /usr/sbin/lpshut
-r-sr-xr-x 1 bin 61440 Aug 27 2004 /usr/bin/chkey
-r-sr-xr-x 1 bin 61440 Sep 3 2003 /usr/dt/bin/dtterm
-r-sr-xr-x 1 bin 61440 Sep 3 2003 /usr/old/usr/bin/uustat
-r-sr-xr-x 1 bin 65536 Apr 13 2005 /usr/bin/ct
-r-sr-xr-x 1 bin 65536 Apr 17 10:31 /usr/bin/disable
-r-sr-xr-x 1 bin 65536 Apr 17 10:31 /usr/sbin/lpmove
-r-sr-xr-x 1 bin 65536 Apr 17 10:31 /usr/sbin/reject
-r-sr-xr-x 1 bin 65536 Aug 27 2004 /usr/contrib/bin/traceroute
-r-sr-xr-x 1 bin 65536 Aug 31 2004 /usr/sbin/pppoerd
-r-sr-xr-x 1 bin 69632 Apr 17 10:31 /usr/sbin/rcancel
-r-sr-xr-x 1 bin 69632 Apr 17 10:31 /usr/sbin/rlpstat
-r-sr-xr-x 1 bin 69632 Aug 31 2004 /usr/bin/pppoec
-r-sr-xr-x 1 bin 69632 Oct 27 2005 /usr/bin/rlogin
-r-sr-xr-x 1 bin 73728 Apr 17 10:31 /usr/bin/lpalt
-r-sr-xr-x 1 bin 73728 Aug 31 2004 /usr/sbin/pppoesd
-r-sr-xr-x 1 bin 73728 Mar 31 2005 /usr/bin/at
-r-sr-xr-x 1 bin 81920 Oct 27 2005 /usr/bin/rcp
-r-sr-xr-x 1 bin 81920 Sep 3 2003 /usr/old/usr/bin/uucp
-r-sr-xr-x 1 bin 81920 Sep 3 2003 /usr/old/usr/bin/uux
-r-sr-xr-x 1 bin 86016 Aug 27 2004 /usr/bin/login
-r-sr-xr-x 1 bin 90112 Sep 3 2003 /usr/lbin/uucp/uuxqt
-r-sr-xr-x 1 bin 98304 Apr 17 10:31 /usr/sbin/lpadmin
-r-sr-xr-x 1 bin 98304 Apr 17 10:31 /usr/sbin/lpsched
-r-sr-xr-x 1 bin 106496 Apr 17 10:31 /usr/sbin/rlpdaemon
-r-sr-xr-x 1 bin 106496 Oct 27 2005 /usr/bin/rdist
-r-sr-xr-x 1 bin 139264 May 4 2005 /usr/bin/df
-r-sr-xr-x 1 bin 163840 Sep 3 2003 /usr/lbin/uucp/uucico
-r-sr-xr-x 1 bin 212992 Sep 3 2003 /usr/contrib/bin/X11/xconsole
-r-sr-xr-x 1 bin 237568 May 28 2004 /usr/dt/bin/dtsession
-r-sr-xr-x 1 bin 299008 Apr 2 2003 /usr/contrib/bin/X11R5/xterm
-r-sr-xr-x 1 bin 331776 Mar 18 02:53 /usr/lbin/grmd
-r-sr-xr-x 1 bin 438272 Aug 27 2004 /sbin/shutdown
-r-sr-xr-x 1 bin 491520 Sep 3 2003 /usr/contrib/bin/X11/xterm
-r-sr-xr-x 1 bin 524288 Aug 31 2004 /usr/bin/pppd
-r-sr-xr-x 1 bin 526420 Sep 29 2004 /usr/dt/bin/dtprintinfo
-r-sr-xr-x 1 bin 696320 Jan 27 2006 /usr/bin/X11/xterm
-r-sr-xr-x 1 other 40960 Mar 18 02:53 /usr/bin/X11/X
-r-sr-xr-x 1 sys 40960 Jun 28 17:01 /usr/local/coreutils/bin/su
-r-sr-xr-x 1 sys 606208 Nov 24 2005 /usr/sbin/lvchange.run
-r-sr-xr-x 1 sys 999424 Nov 24 2005 /sbin/lvchange.run
-r-sr-xr-x 2 bin 1228800 Mar 21 04:05 /usr/sbin/swmodify
-r-sr-xr-x 2 bin 1228800 Mar 21 04:05 /usr/sbin/swpackage
-r-sr-xr-x 5 bin 61440 Jan 21 2005 /usr/bin/chfn
-r-sr-xr-x 5 bin 61440 Jan 21 2005 /usr/bin/chsh
-r-sr-xr-x 5 bin 61440 Jan 21 2005 /usr/bin/nispasswd
-r-sr-xr-x 5 bin 61440 Jan 21 2005 /usr/bin/yppasswd
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/sd
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swacl
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swask
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swconfig
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swcopy
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swinstall
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swjob
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swlist
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swreg
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swremove
-r-sr-xr-x 11 bin 2314240 Mar 21 04:05 /usr/sbin/swverify
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxagentconfig
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxauth
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxcert
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxcollection
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxexec
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxglobalprotocolsettings
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxglobalsettings
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxlog
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxmib
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxngroup
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxnode
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxnodesetup
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxquery
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxreport
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxstm
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxtask
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxtool
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxtoolbox
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxuser
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/bin/mxwbemsub
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/lbin/.CommandTemplate
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/lbin/mxmergehelp
-r-sr-xr-x 23 bin 2084864 Jan 6 2006 /opt/mx/lbin/mxreport
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvchange
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvcreate
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvdisplay
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvextend
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvlnboot
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvmerge
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvreduce
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvremove
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvrmboot
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvsplit
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/lvsync
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/nomwcsyncd
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/pvchange
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/pvck
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/pvcreate
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/pvdisplay
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/pvmove
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/pvremove
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgcfgbackup
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgcfgrestore
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgchange
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgchgid
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgcreate
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgdisplay
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgexport
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgextend
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgimport
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgreduce
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgremove
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgscan
-r-sr-xr-x 31 sys 626688 Jul 26 20:48 /usr/sbin/vgsync
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvchange
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvcreate
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvdisplay
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvextend
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvlnboot
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvmerge
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvreduce
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvremove
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvrmboot
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvsplit
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/lvsync
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/nomwcsyncd
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/pvchange
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/pvck
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/pvcreate
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/pvdisplay
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/pvmove
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/pvremove
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgcfgbackup
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgcfgrestore
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgchange
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgchgid
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgcreate
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgdisplay
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgexport
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgextend
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgimport
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgreduce
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgremove
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgscan
-r-sr-xr-x 31 sys 1024000 Jul 26 20:48 /sbin/vgsync
-r-xr-sr-x 1 bin 163840 Jul 7 2004 /usr/bin/X11/xfs
-r-xr-sr-x 1 bin 299008 Sep 9 2004 /usr/bin/stmkfont
-r-xr-sr-x 1 mail 28672 Sep 3 2003 /usr/lbin/rmmail
-r-xr-sr-x 1 mail 266240 Sep 3 2003 /usr/dt/bin/dtmailpr
-r-xr-sr-x 1 mail 655360 Aug 27 2004 /usr/bin/elm
-r-xr-sr-x 1 mail 872448 Sep 3 2003 /usr/dt/bin/dtmail
-r-xr-sr-x 1 sys 34664 Sep 3 2003 /usr/sbin/sysdef
-r-xr-sr-x 1 sys 40960 Aug 27 2004 /usr/sbin/lanscan
-r-xr-sr-x 1 sys 40960 Mar 11 2004 /usr/lbin/fs/hfs/diskusg
-r-xr-sr-x 1 sys 114688 Sep 1 2004 /usr/lbin/fs/vxfs/diskusg
-r-xr-sr-x 1 sys 233472 Sep 3 2003 /usr/contrib/bin/X11/xload
-r-xr-sr-x 1 tty 28672 Mar 11 2004 /usr/sbin/wall
-rwsr-xr-x 1 bin 32768 Jan 27 2006 /opt/hpws/apache/bin/suexec.hide
-rwsr-xr-x 1 bin 1052672 Feb 10 2006 /opt/ssh/PA-RISC2.0/libexec/ssh-keysign
-rwsr-xr-x 1 root 20480 Mar 28 17:42 /usr/local/bin/otp
-rwsr-xr-x 1 root 24576 Mar 28 17:42 /usr/local/bin/su
-rwxr-sr-x 1 sys 9382 Jul 26 19:54 /etc/vx/isis/Registry.pre-allocpro
-rwxr-sr-x 1 sys 23560 Jul 26 20:06 /etc/vx/isis/Registry
=> it seems to me these don't need it, or are only for root

-rwsr-xr-x 1 sys 348160 Jul 7 17:51 /usr/local/bin/screen
=> why ??? (from hpux.connect.org.uk/hppd/hpux/)


-r-s------ 1 bin 446464 Mar 11 2004 /var/adm/sw/save/PHCO_32925/UX2-CORE/sbin/passwd
-r-sr-sr-t 1 mail 1339392 Aug 27 2004 /var/adm/sw/save/PHNE_34689/INETSVCS2-RUN/usr/sbin/sendmail
-r-sr-sr-t 1 mail 1339392 Sep 3 2003 /var/adm/sw/save/PHNE_31734/INETSVCS2-RUN/usr/sbin/sendmail
-r-sr-sr-x 1 mail 61440 Mar 11 2004 /var/adm/sw/save/PHNE_31725/CMDS2-MIN/usr/bin/mail
-r-sr-sr-x 1 sys 303104 Jun 12 2004 /var/adm/sw/save/PHSS_34159/X11-RUN-CL/usr/bin/X11/hpterm
-r-sr-sr-x 1 sys 303104 Sep 3 2003 /var/adm/sw/save/PHSS_31833/X11-RUN-CL/usr/bin/X11/hpterm
-r-sr-xr-- 1 lp 65536 Sep 3 2003 /var/adm/sw/save/PHCO_32278/LP2-SPOOL/usr/sbin/rlp
[...]
=> these seem to be saved patch files, which are not needed, right?


thanks
regards