Unreadable binaries
Adam Jackson
ajax at redhat.com
Thu Oct 22 13:48:43 UTC 2009
On Thu, 2009-10-22 at 11:04 +0100, Richard W.M. Jones wrote:
> $ ll /usr/libexec/pt_chown
> -rws--x--x 1 root root 28418 2009-09-28 13:42 /usr/libexec/pt_chown
> $ ll /usr/bin/chsh
> -rws--x--x 1 root root 18072 2009-10-05 16:28 /usr/bin/chsh
>
> What is the purpose of making binaries like these unreadable?
>
> Originally I thought it was something to do with them being setuid,
> but there are counterexamples:
>
> $ ll /usr/bin/passwd
> -rwsr-xr-x 1 root root 25336 2009-09-14 13:14 /usr/bin/passwd
Historically, the kernel considers read permission on a binary to be a
prerequisite for generating core dumps on fatal signal; which you
typically want to prevent, since that becomes a way to read /etc/shadow.
Pretty sure that's still the case, which means any u+s binaries with
group/other read permission are bugs.
- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20091022/0c53233d/attachment.sig>
More information about the fedora-devel-list
mailing list