RFC: Remove write permissions from executables
Chris Adams
cmadams at hiwaay.net
Fri Jan 22 15:02:34 UTC 2010
Once upon a time, Miloslav TrmaÄ? <mitr at volny.cz> said:
> Chris Adams pÃÅ¡e v Pá 22. 01. 2010 v 08:06 -0600:
> > Once upon a time, Miloslav TrmaÄ? <mitr at volny.cz> said:
> > > We can extend the protection to all executables by a simple addition to
> > > redhat-rpm-config (https://bugzilla.redhat.com/show_bug.cgi?id=556897 ).
> > > After applying this patch, executable files in all rebuilt packages
> > > would not be writeable, most often using mode 0555.
> >
> > Please don't take away read permission without good reason. I have on
> > many occasion grepped for strings in binaries (who touches a particular
> > config file for example).
> Just to clarify, the proposal is to remove the write permission.
I saw "0555" and thought "0111". Sorry - my mistake.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the devel
mailing list