It is a home computer with only one user.
These commands have been used:
chown root:root /usr/bin/apt-get
chmod 4775 /usr/bin/apt-getHow to reverse the commands and restore defaults?
1 Answer
Remove the dangerous setuid bit
sudo chmod 755 /usr/bin/apt-getNothing else is wrong.
To add a little more detail, here are the defaults:
$ stat -c '%a %A %U %G' /usr/bin/apt-get
755 -rwxr-xr-x root rootThe command mentioned in the question added the setuid bit, shown as a leading 4 in octal permissions and an s in place of the x for owner in the human-readable form:
4755 -rwsr-xr-xThe setuid bit allows the user executing the program to do so with the EUID of its owner. In this case, it means the normal user running apt-get does so as root by default. Since apt-get is capable of completely destroying your system, as pointed out in comments by David Foerster and cat, giving it this permission setting (especially since the execute bit for others is set, as it is in this case, allowing literally any user to run the program) is extremely insecure.
The setuid bit, always kept to a minimum, is present by necessity on the sudo program
$ stat -c '%a %A %U %G' /usr/bin/sudo
4755 -rwsr-xr-x root rootTo make this more secure, there is a strict policy about who may use sudo, configured in /etc/sudoers. If that file is corrupted or is not present, or if the permissions of sudo are wrong, sudo exits with errors.
