Xref: utzoo alt.bbs:2925 comp.unix.sysv386:358 alt.security:1535
Path: utzoo!utgpu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!rpi!sci.ccny.cuny.edu!phri!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: alt.bbs,comp.unix.sysv386,alt.security
Subject: Re: Protecting against downloads
Message-ID: <7772:Sep1408:18:1190@kramden.acf.nyu.edu>
Date: 14 Sep 90 08:18:11 GMT
References: <2412@sud509.ed.ray.com>
Organization: IR
Lines: 13

In article <2412@sud509.ed.ray.com> heiser@tdw201.ed.ray.com writes:
> Thanks to all of you who replied so quickly to my question about
> protecting my system against unauthorized downloads of binary files.
> The overwhelming majority of the responses have told me what I 
> already knew -- the (obvious) setting of file modes to be execute-only.

And what do you do about text images in core files?

To do this right, you should protect all your executables and scripts
behind a setuid program that handles access control and disables the
appropriate signals.

---Dan