Server hardening by eliminating setuid and setgid binaries

It is quite possible that your Linux server has more packages installed than you really need. To make matters worse, those extra packages may contain a handful of binaries with the setuid and setgid bits turned on. This creates unnecessary risk, as it could be just a matter of time before one of your shell users exploits these vulnerabilities to gain root privileges.


This is a companion discussion topic for the original entry at https://linuxconfig.org/hardening-server-by-eliminating-setuid-and-setgid-binaries
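
An added example, not part of the original article: a shell inventory of setuid/setgid files under a directory, with the owning package for each so that unneeded packages can be identified. It assumes GNU `stat` and uses `dpkg -S` or `rpm -qf` when present; the function names `owning_package` and `audit_suid_sgid` are illustrative.

```shell
#!/bin/sh
# Added example: list setuid/setgid files and the package that ships each one.

# owning_package PATH -> package name, or "unpackaged" if nothing claims the file
owning_package() {
    pkg=
    if command -v dpkg >/dev/null 2>&1; then
        # dpkg -S prints "pkg[:arch]: /path"; keep only the package name
        pkg=$(dpkg -S "$1" 2>/dev/null | head -n 1 | cut -d: -f1)
    elif command -v rpm >/dev/null 2>&1; then
        # rpm -qf exits non-zero for files no package owns
        pkg=$(rpm -qf --qf '%{NAME}\n' "$1" 2>/dev/null) || pkg=
        pkg=$(printf '%s\n' "$pkg" | head -n 1)
    fi
    printf '%s\n' "${pkg:-unpackaged}"
}

# audit_suid_sgid DIR -> one line per file: KIND MODE OWNER:GROUP PACKAGE PATH
audit_suid_sgid() {
    # -xdev keeps the scan on one filesystem; the two -perm tests are the
    # portable spelling of "setuid bit or setgid bit is set".
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r f; do
        kind=
        if [ -u "$f" ]; then kind=setuid; fi
        if [ -g "$f" ]; then kind=${kind:+$kind+}setgid; fi
        printf '%s %s %s %s\n' "$kind" "$(stat -c '%a %U:%G' "$f")" \
            "$(owning_package "$f")" "$f"
    done
}

# Run as: sh audit.sh /usr   (repeat per filesystem because of -xdev)
if [ "$#" -gt 0 ]; then
    audit_suid_sgid "$1"
fi
```

Entries reported as `unpackaged` deserve a manual look, since no package manager accounts for them. For a binary nobody needs, remove its package, or clear the bits with `chmod u-s,g-s` if the package must stay.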