From Bugzilla Helper: User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.1 (like Gecko) Description of problem: Programs in /usr/bin generally are world readable. There is possibly some benefit in having SETUID or SETGID programs not be world readable, but for a program that runs with no special privs there is no benefit and just a minor annoyance factor in not being able to copy the program as non-root. Please make it mode 0755. Version-Release number of selected component (if applicable): finger-0.17-28 How reproducible: Always Steps to Reproduce: . Additional info:
True, seems to me too paranoid :) Fixed in rawhide
Have you read http://www.redhat.com/magazine/017mar06/departments/ask_shadowman/ ? From paragraph 'An astute reader asked'. I admit I don't know the answer to the question in the last paragraph but something tells me the permissions are intentional and shouldn't have been changed. Please verify it!
Okay, current RH Mag issue talks about the permissions further and although finger changelog says * Wed May 17 2000 Chris Evans <chris.ox.ac.uk> - make some files mode -rwx--x--x as a security hardening measure even Linus doesn't find such restrictive mode much useful. BTW, if you want to be consistent you may want to revert permissions of /usr/sbin/in.fingerd back to 755, too.