RFC: Remove write permissions from executables

Richard Zidlicky rz at linux-m68k.org
Wed Jan 27 18:22:14 UTC 2010


On Wed, Jan 27, 2010 at 04:10:39PM +0100, Benny Amorsen wrote:
> 
> > Mounting the fs read only is much easier and safer - and has long tradition.
> 
> This is not feasible as a distribution policy. You can't guarantee that
> /usr/bin is on its own partition so you can mount it read only. 

Of course it is not guaranteed. But it is not difficult to detect, and I think 
plenty of sysadmins are doing it that way. It used to have many more advantages
than just a marginal gain in security.

Fedora certainly cannot mandate this as a policy; it would be nice if it would 
work with this common setup.

> Also, the advantage of the proposed change was that it would not affect
> e.g. yum upgrade. Creative use of mount --bind could perhaps achieve the
> same result, but not in a way which I consider sane.

That would indeed be insane. But as has been mentioned, rpm could have a hook
to do some actions before and after modifying anything.

> All in all I think it's a shame that the original proposal didn't work
> out at this time. Having binaries owned by bin:bin does have Unix (but
> not Linux AFAIK) tradition behind it.

Now that you mention bin:bin, I remember the old days.

Richard
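The two practical points in this exchange, detecting whether /usr (or /usr/bin) is actually its own mount so a read-only policy can apply, and wrapping a package update in a before/after hook that temporarily makes it writable, as an added example written for this archive page, not code from the thread or from Fedora or rpm. It parses the real /proc/self/mountinfo layout (field 5 is the mount point, field 6 the per-mount options); the sample mount table is constructed, and the `with_writable` wrapper assumes root and a Linux `mount` that accepts `-o remount,rw` / `-o remount,ro`.

```shell
#!/bin/sh
# Added example: detect whether a path lives on its own (read-only) mount and
# wrap a command so the mount is writable only for the command's duration.

# Constructed sample in /proc/self/mountinfo layout:
#   id parent maj:min root mountpoint options [optional...] - fstype source superopts
# (real mountinfo escapes spaces in paths as \040; this sample has none).
SAMPLE_MOUNTINFO='22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw,errors=remount-ro
35 22 8:2 / /usr ro,relatime shared:2 - ext4 /dev/sda2 ro
40 22 0:20 / /proc rw,nosuid,nodev,noexec,relatime shared:3 - proc proc rw
55 22 8:3 / /usr/local rw,relatime shared:4 - ext4 /dev/sda3 rw'

# mount_of PATH [MOUNTINFO]: print "MOUNTPOINT OPTIONS" for the longest mount
# point that contains PATH. Reads the live /proc/self/mountinfo when no text
# is supplied.
mount_of() {
    path=$1
    info=${2:-"$(cat /proc/self/mountinfo)"}
    printf '%s\n' "$info" | awk -v p="$path" '
        {
            mp = $5
            # exact match, the root mount, or a mount point that is a parent dir of p
            if (p == mp || mp == "/" || index(p, mp "/") == 1) {
                if (length(mp) > length(best)) { best = mp; opts = $6 }
            }
        }
        END { if (best != "") print best, opts }'
}

# is_separate_mount PATH [MOUNTINFO]: succeed (0) when PATH is itself the
# root of a mount, i.e. something a read-only mount policy could target.
is_separate_mount() {
    set -- "$(mount_of "$1" "$2")" "$1"
    [ "${1%% *}" = "$2" ]
}

# is_readonly PATH [MOUNTINFO]: succeed when the mount holding PATH carries
# "ro" among its per-mount options.
is_readonly() {
    opts=$(mount_of "$1" "$2")
    opts=${opts#* }
    case ",$opts," in
        *,ro,*) return 0 ;;
        *)      return 1 ;;
    esac
}

# with_writable PATH CMD...: the before/after hook idea from the thread as a
# wrapper. If PATH is its own read-only mount, remount it rw, run CMD, and
# put it back to ro whether or not CMD succeeded. Otherwise just run CMD.
# Assumes root and a Linux mount(8); the remount is the only privileged step.
with_writable() {
    target=$1; shift
    if is_separate_mount "$target" && is_readonly "$target"; then
        mount -o remount,rw "$target" || return 1
        "$@"; rc=$?
        mount -o remount,ro "$target"
        return $rc
    fi
    "$@"
}

# Typical use (from the thread's own example):  with_writable /usr yum upgrade
```

Run `is_separate_mount /usr && echo separate` on a real box to see whether the "common setup" the reply describes is in effect; the wrapper deliberately does nothing special when it is not, so it is safe as a default hook.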


More information about the devel mailing list