2015-01-06 8:27 GMT+01:00 whoami toask <whoamito...@safe-mail.net>: > Hello, > > isn't there too much SUID/SGID files on a default OpenBSD install?
No. I think you don't understand how SGID works. A small example: 155910 84 -r-xr-sr-x 4 root crontab 41752 Aug 8 08:06 /usr/bin/at/usr/bin/at If you run 'at' as a non-root user, then you do it as a user + crontab group, so the 'at' isn't executed with _root_ privileges. > Can this number be reduced? No. > # find / -perm -4000 -o -perm -2000 -ls -print | wc -l > 32 Ok, now clean the list from non-root SGID and give the result. btw. please don't cross-post (misc+tech). > Thanks, > > have a secure day! You too, Daniel
