Ian Lepore <freebsd <at> damnhippie.dyndns.org> writes: > ... > It's not a > directory or executable file in the first place, so making it executable > for everyone except the owner and group is not some sort of subtle > security trick, it's just meaningless. > ... Is it meaningless ? Example: # cat /var/spool/output/lpd/.seq #! /usr/local/bin/bash touch /tmp/jb-test-`echo $$` # ls -al /var/spool/output/lpd/.seq -rw-r----x 1 root daemon 54 Feb 29 17:05 /var/spool/output/lpd/.seq # /var/spool/output/lpd/.seq # # ls /tmp/jb* /tmp/jb-test-61789 # chmod 0640 /var/spool/output/lpd/.seq # ls -al /var/spool/output/lpd/.seq -rw-r----- 1 root daemon 52 Feb 29 17:11 /var/spool/output/lpd/.seq # /var/spool/output/lpd/.seq su: /var/spool/output/lpd/.seq: Permission denied # jbReceived on Wed Feb 29 2012 - 15:18:59 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:24 UTC