/bin read bits

Andy Glew aglew at crhc.uiuc.edu
Mon Dec 10 15:19:50 AEST 1990


>Is there any good reason why UNIX systems are shipped with the read bit set
>for 'other' in /bin and /usr/bin binaries?

Are you trying to promote "security" by doing this?  I am not adverse
to security (having worked at the company that put out the first NCSA
certified secure UNIX), but I believe that such "security through
obscurity" approaches are foolish.

On the other hand, a reason for letting the world read binaries: I
frequently am asked to help people use UNIX tools - sometimes the old
standards, sometimes third party commercial software.  Frequently the
user is being frustrated by error messages of the form "File not
found".  Usually my first step is to run strings on the binary, to
find out what files it is looking for.
    Is this a good reason?  Not if you've got a bullet-proof product.
But I doubt that you do.

--
Andy Glew, a-glew at uiuc.edu [get ph nameserver from uxc.cso.uiuc.edu:net/qi]



More information about the Comp.unix.questions mailing list