sralston@srwic.UUCP (Steve Ralston) (09/14/90)
In article <3952@quiche.cs.mcgill.ca> mikey@quiche.cs.mcgill.ca (Michael GALLOP) writes: >Exactly, what you can do is: >chmod 711 /usr/bin/* >Which produces (I think :-)) rwx--x--x on every file in /usr/bin I would NOT recommend that anyone execute the above command on their **IX system. Reason: You will break most every program that relies on SETUID and/or SETGID permissions. Unless you KNOW (or have recorded) the default permissions [anywhere on your system], running that kind of chmod command could cost you much effort to undo. Much better would be: chmod o-r /usr/bin/* # revoke read permission from "others" # (other than user (owner) or group) but then, hardly any of the programs in /usr/bin should have "other read" perms set by DEFAULT anyway; unless you're running a fairly non-secure system. -- Steve Ralston sralston@srwic.UUCP 235 N Zelta voice: 316-686-2019 Wichita, KS 67206 ..!uunet!ncrlnk!ncrwic!srwic!sralston
cpcahil@virtech.uucp (Conor P. Cahill) (09/15/90)
In article <188@srwic.UUCP> sralston@srwic.UUCP (Steve Ralston) writes: >chmod o-r /usr/bin/* # revoke read permission from "others" > # (other than user (owner) or group) > >but then, hardly any of the programs in /usr/bin should have "other read" >perms set by DEFAULT anyway; unless you're running a fairly non-secure >system. Or, of course, unless the program is a shell script which would then no longer work. -- Conor P. Cahill (703)430-9247 Virtual Technologies, Inc., uunet!virtech!cpcahil 46030 Manekin Plaza, Suite 160 Sterling, VA 22170