Just yesterday, somebody told me about this online PDF book called
Securing and Optimizing Linux,
which is very Red Hat centric but contains "some interesting topics like kernel optimization and security hints" (as that person told me). While browsing my copy, I stumbled over the suid and sgid security procedure, where they have a list of programs that have the suid flag set and which could/should be removed from a secure server.
What really astonished me was, that they left suidperl and a hardlink to it, sperl5.005_3 on the system, which somewhat defeats the whole purpose of removing suid programs at all.
So now my main question is, why have suidperl at all ? Which standard scripts and other stuff depend on it ?