Is this a valid point out "setuid programs owned by root can be a security problem."?

GeorgeAlexandruHalmai

At lesson 03 Processes - Process Attributes we are taught about setuid and at the end of 3rd phrase, it is written and I quote "setuid programs owned by root can be a security problem."
If we do a list on the /usr/bin/ directory, we can see that there are some programs which are marked with the "s" execute bit and the owner is the "root".

coop

yes this is a valid point. note the "can be" in the sentence. There have been distributions which have forbid this.

GeorgeAlexandruHalmai

Thank you for the answer @coop .