On Thu, 2009-10-22 at 09:48 -0400, Adam Jackson wrote: > On Thu, 2009-10-22 at 11:04 +0100, Richard W.M. Jones wrote: > > $ ll /usr/libexec/pt_chown > > -rws--x--x 1 root root 28418 2009-09-28 13:42 /usr/libexec/pt_chown > > $ ll /usr/bin/chsh > > -rws--x--x 1 root root 18072 2009-10-05 16:28 /usr/bin/chsh > > > > What is the purpose of making binaries like these unreadable? > > > > Originally I thought it was something to do with them being setuid, > > but there are counterexamples: > > > > $ ll /usr/bin/passwd > > -rwsr-xr-x 1 root root 25336 2009-09-14 13:14 /usr/bin/passwd > > Historically, the kernel considers read permission on a binary to be a > prerequisite for generating core dumps on fatal signal; which you > typically want to prevent, since that becomes a way to read /etc/shadow. > > Pretty sure that's still the case, which means any u+s binaries with > group/other read permission are bugs. dumpable flag gets cleared for suid/sgid binaries (as well as for non-readable binaries). -- Stephen Smalley National Security Agency -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
