2.5.2p2 ssh-keyscan installed group writable?

Christopher Linn celinn at mtu.edu
Tue Mar 27 23:42:00 EST 2001

On Tue, Mar 27, 2001 at 08:21:12AM +0100, Kevin Steves wrote:
> and i also wonder why isn't ssh group, other readable:
>   no)
>        AC_MSG_RESULT(no)
>        SSHMODE=0711
>        ;;
>   *)   AC_MSG_RESULT(yes)
>        SSHMODE=04711

this one *is* intentional  ;*)

it is common practice to deny readability to suid binaries, and this
results in no loss of functionality.  i *think* this is so users 
cannot copy and analyze the binary for e.g. buffer overruns
and the like.


Christopher Linn, <celinn at mtu.edu>    | By no means shall either the CEC
Staff System Administrator            | or MTU be held in any way liable
  Center for Experimental Computation | for any opinions or conjecture I
    Michigan Technological University | hold to or imply to hold herein.

More information about the openssh-unix-dev mailing list