Setuid files (UNIX)

Module: File Find

This check reports files that have been assigned the setuid attribute. Anyone running a setuid file is temporarily assigned the user ID of the file. While many system files depend on this attribute for proper operation, security problems can result if setuid is assigned to programs that allow reading and writing of files or escapes to shell. Enter full path names and wildcard characters in the file list to specify files and directories to be excluded from the check. For example, you would enter /etc/* to exclude all files in the /etc directory.

The following table lists the error message for the check.

Table: Error message for Setuid files

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_SETUID

Category: System Information

UNIX (5630)

Title: File is setuid

Description:The listed files have been assigned the setuid attribute. Setuid means that anyone running these files is temporarily assigned the user ID of the file. While many system files depend on this attribute for proper operation, security problems can result if setuid is assigned to programs that allow reading and writing of files or escapes to shell. You should examine the listed for such attributes and use the chmod command to change file setuid properties where appropriate.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]