2.5.2p2 ssh-keyscan installed group writable?
Phil Pennock
Phil.Pennock at globnix.org
Wed Mar 28 09:23:25 EST 2001
On 2001-03-27 at 08:42 -0500, Christopher Linn gifted us with:
> it is common practice to deny readability to suid binaries, and this
> results in no loss of functionality. i *think* this is so users
> cannot copy and analyze the binary for e.g. buffer overruns
> and the like.
IIRC, there are some hideously broken Unices where you can trace
processes if you can read the executable, even if it's setuid.
I think that exec*() would _only_ drop tracing if you didn't have
read permission on the executed binary.
At least, this was the argument used some years back, back when I was
but a grasshopper.
--
Science without religion is lame; religion without science is blind.
-- Albert Einstein, Reader's Digest, Nov. 1973
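
An added example, not part of the original message: a POSIX shell audit for the two permission questions this thread touches on, a set-id binary that is group- or world-writable and a set-id binary that is world-readable. The function names and report labels are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: audit set-uid/set-gid files under a directory.
# Labels (GROUP-WRITABLE, WORLD-WRITABLE, WORLD-READABLE) are hypothetical.
# Assumes file names contain no newlines.

# report LABEL MODEBITS DIR
# Lists regular set-id files in DIR that have all bits of MODEBITS set.
report() {
    find "$3" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -perm "-$2" -print | sed "s/^/$1 /"
}

# audit_suid DIR
# A set-id file that group or other can write can be replaced by a less
# privileged account; one that other can read can be copied and, on the
# systems described in the thread, possibly traced.
audit_suid() {
    report GROUP-WRITABLE 0020 "$1"
    report WORLD-WRITABLE 0002 "$1"
    report WORLD-READABLE 0004 "$1"
}

# When given a directory argument, audit it (e.g. sh audit.sh /usr/local/bin).
if [ "$#" -gt 0 ]; then
    audit_suid "$1"
fi
```

A mode of 4711 produces no output from this audit, while 4755 is reported as WORLD-READABLE and 4775 as both GROUP-WRITABLE and WORLD-READABLE.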