Re: More bugs in 0.91 ...

To: debian-devel@pixar.com
Subject: Re: More bugs in 0.91 ...
From: iwj10@cus.cam.ac.uk (Ian Jackson)
Date: Wed, 2 Mar 94 07:28 PST
Message-id: <[🔎] m0pbduc-0002dGC.ijackson@nyx.cs.du.edu>
Reply-to: iwj10@cus.cam.ac.uk

James A. Robinson writes ("Re: More bugs in 0.91 ..."):
>[Ian Jackson wrote:]
>> * Various files in .../sbin aren't readable/executable by normal
>> users.  This is silly.
> 
> [...]  I guess the real discussion
> should be on what programs need to be secured.

There should be no programs on the system that are executable only by
root.

If they can screw the system up there is a problem even if we make the
executable protected - after all the user can just compile or install
their own.

(Note that this only applies to executable only by root -
group-execute protection may be useful on some rare setuid programs.)

Ian.

(SuperCite: just say `no'.)
(PS Flames on this to me not to the list, please!)

Reply to:

Prev by Date: HDB style locks (was "kermit")
Next by Date: Re: cron job to clean out old cat pages
Previous by thread: More bugs in 0.91 ...
Next by thread: Re: Perl and other issues
Index(es):
- Date
- Thread