bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bashbug install mode


From: Michał Górny
Subject: bashbug install mode
Date: Sun, 27 Nov 2016 10:35:43 +0100

Hi,

While scanning our systems for executables that are installed u-w, I've
noticed this specific mode is used for bashbug explicitly. Is there
a good reason for doing that?

This normally doesn't cause any major issues, except for a few minor
inconveniences when installed by a regular user. For example, the user
can't write to the file directly without adding u+w. rm will request
additional confirmation for removal, and vim will default to opening
the file read-only.

However, I don't really see why those should be enforced for bashbug
when bash is regularly installed u+w.

I've also heard of SELinux issues with u+w executables. However, I'm
not aware if they're specific to binary executables or apply to
interpreted scripts as well.

-- 
Best regards,
Michał Górny
<http://dev.gentoo.org/~mgorny/>

Attachment: pgpojEUps1UuS.pgp
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]