Am Son, 2002-09-22 um 22.36 schrieb Colin Watson: > > i explictly grant permissions on demand and after some checks. i dont > > give everyone access to a specific resource. so for security reasons the > > exe-permissions should used really carefully. its like a opt-in into my > > "security realm". > > As I said above, the execute bit provides no real security except in the > case of set-id executables. No trust needs to be involved, since anybody > who can read the file can arrange to execute it anyway. > > If you're concerned about setting the executable bit because you have > programs that randomly go around actually executing untrusted code, of > course, then they're buggy and should be fixed ...
of course. but i believe that here the same as for i.e. databases applies: i grant permissions explictly and by default every file is just readable. not execute permissions. setting the execute permissions by default can makes it maybe easier to find a backdoor. so this i just a security concern and this i not a fact. i think, setting exe-perms should be done after some simple checks. cu -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
