To take advantage of the proof-of-concept released as part of the recent "Rowhammer" attack, the read-voodoo-edem tool was "ping",
hence my question: why do various distributions make setuid (especially setuid-root) executables readable as well as executable?
My speculation includes:
1. Ease of use with "ldd"
2. To allow Tripwire or package-update checking software to run as non-root
3. this
4. SELinux can be used to make this irrelevant
5. lazy developers
With (3), hiding a public distribution's binary only gives a fig leaf of security, and with (5) there are too many names.
This is not a complete answer, but I found that I needed to make setuid-root programs readable if they were stored on an NFS server.
I should say again: on the local file system, chmod 4711 was enough for setuid-root programs, but the required mode on NFS was 4755.