On Tue, Oct 17, 2017 at 07:21:02AM +0200, Uwe Menges wrote: > On 10/16/17 21:32, Austin S. Hemmelgarn wrote: > > Aside from that though, it's a case where the benefit to security is > > dependent on things that just aren't true for most systems amanda is > > likely to run on, namely that an attacker is: > > > > 1. Unable to determine what type of system you're running on. (This is a > > patently false assumption on any publicly available distro, as well as > > most paid ones like OEL, RHEL, and SLES). > > & > > 2. Unable to access the packages directly. > > What do these points have to do with the suid binary not being read- and > executable by normal users on that system? > > I think one "why" explanation is that a local user probably can't > exploit eventual issues in the suid binary if he can't execute it. > The question was why they are read protected. Read permission is not needed for execution. If someone wanted to look at the binary, the lack of read permissions on the installed copy won't prevent them from getting their own copy from the install package.
jl -- Jon H. LaBadie j...@jgcomp.com 11226 South Shore Rd. (703) 787-0688 (H) Reston, VA 20190 (703) 935-6720 (C)
