Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!dimacs.rutgers.edu!seismo!uunet!elroy.jpl.nasa.gov!sdd.hp.com!wuarchive!udel!nigel.ee.udel.edu!mccalpin
From: mccalpin@perelandra.cms.udel.edu (John D. McCalpin)
Newsgroups: comp.sys.sgi
Subject: /usr/bin/under
Message-ID: <MCCALPIN.91Feb28153337@pereland.cms.udel.edu>
Date: 28 Feb 91 20:33:37 GMT
Sender: usenet@ee.udel.edu
Distribution: usa
Organization: College of Marine Studies, U. Del.
Lines: 13
Nntp-Posting-Host: perelandra.cms.udel.edu

I was doing a routine security check on my machine after I observed
some suspicious activity, and I found a file '/usr/bin/under' which is
set up to setuid to root.  I could not find documentation for this file.
Does it belong there?

I also found '/usr/bin/X11/xterm' set up as setuid to root.  Do I lose
any functionality by turning this 'feature' off?

Thanks for any help!
--
John D. McCalpin			mccalpin@perelandra.cms.udel.edu
Assistant Professor			mccalpin@brahms.udel.edu
College of Marine Studies, U. Del.	J.MCCALPIN/OMNET