Michael Jennings <[EMAIL PROTECTED]> writes: > On Friday, 02 December 2005, at 18:11:57 (+0100), > Martin Geisler wrote: > >> Why would removing the read rights for normal users help with >> security? Anybody can download the source and build an identical >> copy anyway. Then it is only the permission bits which differ, and >> that's all that matters. > > I think it was more of a "best practices" sort of comment. It > certainly doesn't hurt to remove the read permissions on binaries > (but it DOES for scripts!), and if there were anything sensitive in > said binaries, it would provide added security.
I agree that one should apply all security measures possible, but removing read permissions on stock binaries isn't one of them, IMHO. Be paranoid, but apply it with some reason :-) -- Martin Geisler GnuPG Key: 0x7E45DD38 PHP Exif Library | PHP Weather | PHP Shell http://pel.sf.net/ | http://phpweather.net/ | http://mgeisler.net/ Read/write Exif data | Show current weather | A shell in a browser
pgpzyo1XPg0Qn.pgp
Description: PGP signature
