[ find -perm 4000 ... ]
Looks like most setuid binaries could be replaced by services (e.g. over D-Bus), running in an environment that is known and trusted, e.g. chsh, ping, mount (for cases where setuid is used), passwd, at.
su and sudo could be replaced by ssh (or telnet) localhost.
I'm not quite sure why chromium-browser-sandbox needs to be setuid, but presumably a slightly improved seccomp mode would fix that.
Is there anything that really needs to be setuid?