On Sat, 9 Jan 1999, D. J. Bernstein wrote: [big snip] > My favorite workaround is to make the binary unreadable; I haven't found > any vendors silly enough to allow tracing here. Note that this prohibits > root-squashed NFS mounting for root-owned binaries. You are proposing that some significant security is obtained by making an executable file unreadable? I thought this one was laid to rest last year in the "Dump a mode --x--x--x binary on Linux 2.0.x" thread, wherein Martin Mares summarised: > Semantics of unreadable files is well-defined at file level (i.e., > it's defined you cannot read() them), but not at any other level. No > standard guarantees you that contents of such binaries are not > accessible in any other way Regards, Neale.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:28:35 PDT