Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!news.cs.indiana.edu!ux1.cso.uiuc.edu!ux1.cso.uiuc.edu!aglew From: aglew@crhc.uiuc.edu (Andy Glew) Newsgroups: comp.unix.questions Subject: Re: /bin read bits Message-ID: Date: 10 Dec 90 04:19:50 GMT References: Sender: news@ux1.cso.uiuc.edu (News) Organization: Center for Reliable and High-Performance Computing University of Illinois at Urbana Champaign Lines: 19 In-Reply-To: pete@wvus.wciu.edu's message of 29 Nov 90 20:37:17 GMT >Is there any good reason why UNIX systems are shipped with the read bit set >for 'other' in /bin and /usr/bin binaries? Are you trying to promote "security" by doing this? I am not adverse to security (having worked at the company that put out the first NCSA certified secure UNIX), but I believe that such "security through obscurity" approaches are foolish. On the other hand, a reason for letting the world read binaries: I frequently am asked to help people use UNIX tools - sometimes the old standards, sometimes third party commercial software. Frequently the user is being frustrated by error messages of the form "File not found". Usually my first step is to run strings on the binary, to find out what files it is looking for. Is this a good reason? Not if you've got a bullet-proof product. But I doubt that you do. -- Andy Glew, a-glew@uiuc.edu [get ph nameserver from uxc.cso.uiuc.edu:net/qi]