Woah! I jumped the gun with the lsat summary. Big thanks to:
Will Flett W.Flett_at_dcs.rhbnc.ac.uk
who sent this great reply that has more of an answer to the specific
question. Thanks again to all that replied.
His reply:
I would suggest that removing the others read permission is about as
far as you should go to fix this particular problem (symlink/coredump).
Removing the execute permission would stop everyone being able to run
that command (which is probably undesirable).
The theory behind this is that removing the others read permission
stops unprivileged users from being able to copy the original program
and hence disables their ability to produce a core dump from it.
(Basically a core dump includes a copy of the original running image
+ other bits and is meant for debugging purposes).
My original message:
This thread has been wrapped up very neatly, but I had one more
> question. Please forgive any "cluelessness" in advance. The consensus
> was that Yes, removing other read permissions looks like it works and
> noone has seen any negative effects... however, is it just read access
one
> should remove or should I also remove other execute access? Like I
said,
> I'm somewhat new to this and was trying to be perfectly clear.
Thanks again,
Britt Johnson
Received on Thu May 14 1998 - 16:46:40 NZST