Protecting against downloads
John Campbell
jdc at naucse.cse.nau.edu
Fri Sep 14 09:37:23 AEST 1990
>
> MOST systems ship with the entire contents of /bin, /usr/bin, and even /etc
> readable by world! This, needless to say, is complete garbage; there's no
> reason in the world why someone has to have read access to /bin/cc!
I disagree. Read access to /bin/cc (or /bin/ccp) is often the only way I
have to find out what preprocessor strings are defined. In fact,
there was a shell script posted to comp.unix.questions to help us who
were looking for a way to distinguish between vax, unix, m6800, and other
cc compilers. Many vendors ship the same man page for cc they received
from ATT even though they wrote a new compiler. Unfortunately the best
information (short of the source code) is not in the manual but in
``string /bin/cc''. I know a pascal class I taught on unix would have
flubbed if I couldn't have found out a bit more about the compiler by
using the ``string'' function.
Another case of security and functionality conflicting?
--
John Campbell jdc at naucse.cse.nau.edu
CAMPBELL at NAUVAX.bitnet
unix? Sure send me a dozen, all different colors.
More information about the Comp.unix.sysv386
mailing list