On Fri, Sep 02, 2005 at 01:47:40PM +0200, Javier Fern?ndez-Sanguino Pe?a wrote:
> I believe it would be best if we could manage to get a list of
> packages that:
>
> a) provide a daemon (i.e. there is a script in /etc/init.d/
Good idea.
> b) provide cron tasks
Again.
> c) are setuid/setgid
Done already, although a little lagging.
> d) open up network ports (not easy to determine based on analysis of Debian
> binary packages)
No I think this would involve running the code and seeing if something
were changed - although many services will require explicit enabling
so I'm not sure how this could be done.
Perhaps looking for binary calls to 'bind', 'accept', etc?
> I'm not currently working through the reports, I will probably do so in the
> near future. In any case, postman was not in my target list since I'm first
> looking for the low hanging fruit (i.e. /tmp use in scripts, not binaries). I
> guess you are refering to /usr/sbin/interdaemon.
Yes, although in this case it was a non-issue as the code is commented
out. It just occurred to me that it might be possible to see a few more
like this at the same time.
> That gets even trickier without a good source code analysis tool. We don't
> have any available that will do that (maybe some of the commercial ones do
> it, I really don't know as I don't have experience on them).
Indeed.
Steve
--
|
