Please, everyone, tell me. Suppose we had suid-root /bin/sh for 15 years. We noticed this and removed the suid bit from it, finally - because this way everyone's system was trivially vulnerable to a trivial local root - there isn't even "exploit" necessary, just run /bin/sh and be root.
Now you're asking to return things back "because real life is not a theoretical university thesis". Should we keep /bin/sh suid-root because some users setups broke when we revoked suid bit from a binary which never, ever, supposed to be suid? Sure you can rebuild your /bin/sh to make it suid (I dunno why do you want to rebuild it when there's chmod, but this is a different question). You're free to do it, that's your system. This does not mean everyone else system should be trivially owned like we had. And yes, as I mentioned before, some setups might break - the ones which relied on suid/sgid bits. If you had setup which relied on /bin/sh being suid-root, it wont work anymore. And it is not me who should tell you how to change your setup, because I don't know your setup. /bin/sh is not supposed to be suid-root, and there's no way it will be kept suid-root. What are we talking about? I don't understand. Thanks, /mjt
