Bug 162643 - /usr/bin/finger is mode 0711 not 0755
Summary: /usr/bin/finger is mode 0711 not 0755
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: finger (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Radek Vokal
QA Contact: Mike McLean
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-07-07 05:25 UTC by Russell Coker
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version: 0.17-29
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-07-13 12:50:10 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Russell Coker 2005-07-07 05:25:08 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.1 (like Gecko)

Description of problem:
Programs in /usr/bin generally are world readable.  There is possibly some 
benefit in having SETUID or SETGID programs not be world readable, but for a 
program that runs with no special privs there is no benefit and just a minor 
annoyance factor in not being able to copy the program as non-root. 
 
Please make it mode 0755. 

Version-Release number of selected component (if applicable):
finger-0.17-28

How reproducible:
Always

Steps to Reproduce:
. 

Additional info:

Comment 1 Radek Vokal 2005-07-13 12:50:10 UTC
True, seems to me too paranoid :) Fixed in rawhide

Comment 2 Radek Bíba 2006-03-23 14:52:02 UTC
Have you read http://www.redhat.com/magazine/017mar06/departments/ask_shadowman/ ?
From paragraph 'An astute reader asked'. I admit I don't know the answer to the
question in the last paragraph but something tells me the permissions are
intentional and shouldn't have been changed. Please verify it!

Comment 3 Radek Bíba 2006-04-20 16:53:27 UTC
Okay, current RH Mag issue talks about the permissions further and although finger
changelog says

* Wed May 17 2000 Chris Evans <chris@ferret.lmh.ox.ac.uk>
- make some files mode -rwx--x--x as a security hardening measure

even Linus doesn't find such restrictive mode much useful.

BTW, if you want to be consistent you may want to revert permissions of
/usr/sbin/in.fingerd back to 755, too.


Note You need to log in before you can comment on or make changes to this bug.