Diffstat (limited to 'tags/e/elevated-privileges.tag')
-rw-r--r-- tags/e/elevated-privileges.tag 16
1 files changed, 16 insertions, 0 deletions
diff --git a/tags/e/elevated-privileges.tag b/tags/e/elevated-privileges.tag
new file mode 100644
index 0000000..f38357e
--- /dev/null
+++ b/tags/e/elevated-privileges.tag
@@ -0,0 +1,16 @@
+Tag: elevated-privileges
+Severity: warning
+Check: files/permissions
+Renamed-From:
+ setuid-binary
+ setgid-binary
+ setuid-gid-binary
+Explanation: This executable does not run with the identity of the user
+ who executes it. It runs instead with its owner ID in the file system
+ or with its group ID, or both.
+ .
+ This security-relevant setting is intentional for programs that
+ regularly acquire elevated privileges, such as <code>/bin/su</code>,
+ but can be a significant risk when it the setting is not intended.
+ .
+ Please override if needed.
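Review bot: The second Explanation paragraph has a stray word in "but can be a significant risk when it the setting is not intended"; it should read "when the setting is not intended". Separately, this tag replaces setuid-binary, setgid-binary and setuid-gid-binary, so the tag name no longer says which bit was found, and the text "with its owner ID in the file system or with its group ID, or both" leaves that open too. Consider saying in the Explanation how a maintainer can tell which of the three cases applies. The closing "Please override if needed." would also be more useful if it said what an override should document, for example why the program needs the elevated identity.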