Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!lll-winken!uunet!convex!convex.COM From: tchrist@convex.COM (Tom Christiansen) Newsgroups: comp.unix.questions Subject: Re: Security Message-ID: <105460@convex.convex.com> Date: 28 Aug 90 04:29:40 GMT References: Sender: usenet@convex.com Reply-To: tchrist@convex.COM (Tom Christiansen) Organization: CONVEX Software Development, Richardson, TX Lines: 33 I've received a lot of mail from people who didn't understand my (or Peter's, it would seem) postings about readable binaries. Permit me to elucidate. The reason that you shouldn't try to protect yourself by making system binaries unreadable is that you're not relying on password interrogation or even setuid programs, but on pure, unreliable ignorance. Once the secret is out, it can't be taken back. Never rely on someone not knowing how to something to keep them from doing it. Someday you'll be sorry. BTW, on these fascist systems with system binaries that aren't readable, what happens when these binaries take a SIGQUIT or some other coredump signal? Do you get a core dump with text you can read? On most UNIX systems I know, you do, which blows your wonderful security out of the water. Of what about attaching to running processes, such as with gdb? It's your process, so you can attach to it, right? Then you can read its text! There are lots of other ways. Getting a hold of backup tapes or root core dumps or all kinds of things will give away your shop if you rely upon this method. As to "who adb's system binaries," the answer is me and anyone else who wants to track down what's broken when something breaks. I don't always have root on the machine, but I still try to figure out what happened. Not being able to get at the binary is a serious impediment to this. --tom -- "UNIX was never designed to keep people from doing stupid things, because that policy would also keep them from doing clever things." [Doug Gwyn]