Lines Matching full:suid
200 <h3 id="suid-files">Securing SUID files</h3>
207 <li>SUID processes must not provide a shell or backdoor that can be used to
209 <li>SUID programs must not be writable by any user.</li>
210 <li>SUID programs should not be world readable or executable. Create a group,
211 limit access to the SUID binary to members of that group, and place any
212 applications that should be able to execute the SUID program into that group.
214 <li>SUID programs are a common source of user rooting of devices. To reduce
215 this risk, SUID programs should not be executable by the shell user.</li>
218 <p>CTS verifier includes an informational test listing SUID files; some
