Xref: utzoo alt.security:1531 alt.bbs:2921 comp.unix.sysv386:336
Path: utzoo!utgpu!cs.utexas.edu!asuvax!noao!arizona!naucse!jdc
From: jdc@naucse.cse.nau.edu (John Campbell)
Newsgroups: alt.security,alt.bbs,comp.unix.sysv386
Subject: Re: Protecting against downloads
Message-ID: <2527@naucse.cse.nau.edu>
Date: 13 Sep 90 23:37:23 GMT
References: <1990Sep13.154822.17902@naitc.uucp>
Followup-To: alt.security
Organization: Northern Arizona University, Flagstaff AZ
Lines: 21

> 
> MOST systems ship with the entire contents of /bin, /usr/bin, and even /etc
> readable by world!  This, needless to say, is complete garbage; there's no
> reason in the world why someone has to have read access to /bin/cc!

I disagree.  Read access to /bin/cc (or /bin/ccp) is often the only way I 
have to find out what preprocessor strings are defined.   In fact,
there was a shell script posted to comp.unix.questions to help us who
were looking for a way to distinguish between vax, unix, m6800, and other
cc compilers.  Many vendors ship the same man page for cc they received
from ATT even though they wrote a new compiler.  Unfortunately the best
information (short of the source code) is not in the manual but in
``string /bin/cc''.  I know a pascal class I taught on unix would have
flubbed if I couldn't have found out a bit more about the compiler by
using the ``string'' function.

Another case of security and functionality conflicting?
-- 
	John Campbell               jdc@naucse.cse.nau.edu
                                    CAMPBELL@NAUVAX.bitnet
	unix?  Sure send me a dozen, all different colors.