Subject: Re: misc/143: Setuid programs installed unreadable
To: Peter da Silva <peter@Taronga.COM>
From: Chris G. Demetriou <cgd@postgres.Berkeley.EDU>
List: netbsd-bugs
Date: 02/28/1994 20:15:11
> I don't get it. Since anyone can FTP the source to these things, how does
> making the binaries unreadable help?
Just because you, i, or anyone on the internet can ftp the source to
them, that doesn't mean that "anyone" can do it -- there are sites
off the net, or on "company-internal" networks that have just as much
(if not more) to worry about re: security than you or i.
also, if somebody wants to break in, via reading and e.g.
disassembling the binary to find bugs, then they also need to
know which libs it was compiled against, etc.
my opinion doesn't change.
cgd
------------------------------------------------------------------------------