SUID/GUID shell escape files (UNIX)
Module: File Find
This option modifies the
behavior of the Setuid files, Setgid files, Setuid executable files
and Setgid executable files checks. When this option and one or all
of these security checks are enabled, the checks examine the files
that are listed in the agent's /etc/shells file, as well as the
shell escape files specified in the file list, for setuid and/or
setgid attributes. Enter the full path names in the file list to
specify the shell escape files that need to be included in the
check. This check is dependent on the Starting directories
check.
The following table lists
the error messages for the check.
Table: Error messages for SUID/GUID shell escape
files
|
Message String ID and Category
|
Platform and Message Numeric ID
|
Message Title and Description
|
Additional Information
|
|
String ID: STKU_SGID_SHELL_FILE
Category: System Information
|
UNIX (5644)
|
Title: SGID bin/shell file
Description:The listed files have been assigned setgid
attributes. They are also specified in the file list as files that
provide escape to shell access.
|
Severity: yellow-1
Correctable: false
Snapshot Updatable: false
Template Updatable: false
Information Field Format: [%s]
|
|
String ID: STKU_SUID_SHELL_FILE
Category: System Information
|
UNIX (5645)
|
Title: SUID bin/shell file
Description:The listed files have been assigned setuid
attributes. They are also specified in the file list as files that
provide escape to shell access.
|
Severity: yellow-1
Correctable: false
Snapshot Updatable: false
Template Updatable: false
Information Field Format: [%s]
|
