[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bashbug install mode
From: |
Michał Górny |
Subject: |
bashbug install mode |
Date: |
Sun, 27 Nov 2016 10:35:43 +0100 |
Hi,
While scanning our systems for executables that are installed u-w, I've
noticed this specific mode is used for bashbug explicitly. Is there
a good reason for doing that?
This normally doesn't cause any major issues, except for a few minor
inconveniences when installed by a regular user. For example, the user
can't write to the file directly without adding u+w. rm will request
additional confirmation for removal, and vim will default to opening
the file read-only.
However, I don't really see why those should be enforced for bashbug
when bash is regularly installed u+w.
I've also heard of SELinux issues with u+w executables. However, I'm
not aware if they're specific to binary executables or apply to
interpreted scripts as well.
--
Best regards,
Michał Górny
<http://dev.gentoo.org/~mgorny/>
pgpqfTwWVs_ku.pgp
Description: OpenPGP digital signature
- bashbug install mode,
Michał Górny <=