This is a list of setuid applications that need investigation. See the [[https://lists.ubuntu.com/archives/ubuntu-hardened/2007-October/000217.html|mailinglist post]] about this for more information. See also the [[http://bazaar.launchpad.net/%7Eubuntu-bugcontrol/qa-regression-testing/master/annotate/head%3A/install/README.files_explained|install audit notes]]. || '''Source Package''' || '''setuid Files''' || '''De-rooted''' || '''Capabilities''' || '''Changes Sent Upstream''' || '''Comments''' || || libpam-foreground || /bin/check-foreground-console || no || no || n/a || Small secure wrapper to read /dev/console|| || cupsys || /usr/bin/lppasswd || no || n/a || n/a || Needs root to read /etc/cups/passwd.* || || fping || /bin/fping || yes || n/a || no || *lines 518-522 fping.c || || util-linux || /bin/mount, /bin/umount || needed || no || n/a || Checks: if (getuid () != geteuid ()). Should check for CAP_SYS_ADMIN capability|| || exim4 || /usr/sbin/exim4 || configurable || possible || n/a || *lines 1581-1582 src/exim.c || || shadow || /bin/su, /usr/bin/chfn, /usr/bin/chsh, /usr/bin/gpasswd, /usr/bin/newgrp, /usr/bin/passwd || UNKNOWN || UNKNOWN || UNKNOWN || Needs a review || || sudo || /usr/bin/sudo, /usr/bin/sudoedit || UNKNOWN || UNKNOWN || UNKNOWN || Needs a review || || iputils || /bin/ping, /bin/ping6, /bin/arping, /usr/bin/traceroute6.iputils || yes || possible || UNKNOWN || *line 129 ping.c, *line 217 ping6.c, *line 314 arping.c, *line 343 traceroute6.c || || mtr || /usr/bin/mtr || yes || possible || n/a || *line 333 mtr.c || || glibc || /usr/lib/pt_chown || yes || possible || n/a || *line 147glibc-2.6.1/login/programs/pt_chown.c|| || cdrtools || /usr/bin/cdrecord || yes || possible || n/a || *line 1120 cdrecord/cdrecord.c || || eject || /usr/lib/eject/dmcrypt-get-device || yes || possible || n/a || *lines 60-61 dmcrypt-get-device.c || || openssh-client || /usr/lib/openssh/ssh-keysign || yes || tricky || n/a || *line 176 permanently_set_uid() function ssh-keysign.c || * - Where in the software the privileges are dropped using the setuid() / setgid() or setreuid() / setresgid() system calls.