Xref: utzoo alt.bbs:2935 comp.unix.sysv386:382 alt.security:1542
Path: utzoo!utgpu!cs.utexas.edu!sun-barr!olivea!orc!inews!iwarp.intel.com!gargoyle!chinet!les
From: les@chinet.chi.il.us (Leslie Mikesell)
Newsgroups: alt.bbs,comp.unix.sysv386,alt.security
Subject: Re: Protecting against downloads
Message-ID: <1990Sep14.214016.8134@chinet.chi.il.us>
Date: 14 Sep 90 21:40:16 GMT
References: <2412@sud509.ed.ray.com> <7772:Sep1408:18:1190@kramden.acf.nyu.edu>
Organization: Chinet - Chicago Public Access UNIX
Lines: 13

In article <7772:Sep1408:18:1190@kramden.acf.nyu.edu> brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes:

>To do this right, you should protect all your executables and scripts
>behind a setuid program that handles access control and disables the
>appropriate signals.

Yes, and the vendor-supplied login program does exactly that.  If it
allows all users to read the executables as supplied by the vendor,
then we should assume that the vendor either doesn't care if they are
copied or is negligent in their responsibilities.
 
Les Mikesell
  les@chinet.chi.il.us