Vladimir A. Pavlov wrote: > On Monday 28 August 2006 03:24, Robert Connolly wrote: >> sed 's/4775/4755/' -i ping/Makefile.in > > First, I think the shown way is a hack a little. It's better to do the > following after installation: > > chmod 4711 /bin/ping > > Second, shouldn't it be 4711 rather than 4755? The read-by-others access > to a SUID file is a security hole.
Blocking read access wouldn't hurt anything, but wouldn't gain anything either. Do you care if someone can copy the file? Virtually everything in /bin is 755 and some have the suid bit set too. You are free to remove the read permissions on your system if you want. Looking in my /bin, these are the non-755 files: 555: bashbug, kill, ps 4755: mount, passwd, su, mount 4775: ping -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
