Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 162643

Summary: /usr/bin/finger is mode 0711 not 0755
Product: [Fedora] Fedora Reporter: Russell Coker <rcoker>
Component: fingerAssignee: Radek Vokal <rvokal>
Status: CLOSED RAWHIDE QA Contact: Mike McLean <mikem>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: rbiba
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 0.17-29 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-07-13 12:50:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Russell Coker 2005-07-07 05:25:08 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.1 (like Gecko)

Description of problem:
Programs in /usr/bin generally are world readable.  There is possibly some 
benefit in having SETUID or SETGID programs not be world readable, but for a 
program that runs with no special privs there is no benefit and just a minor 
annoyance factor in not being able to copy the program as non-root. 
 
Please make it mode 0755. 

Version-Release number of selected component (if applicable):
finger-0.17-28

How reproducible:
Always

Steps to Reproduce:
. 

Additional info:

Comment 1 Radek Vokal 2005-07-13 12:50:10 UTC
True, seems to me too paranoid :) Fixed in rawhide

Comment 2 Radek Bíba 2006-03-23 14:52:02 UTC
Have you read http://www.redhat.com/magazine/017mar06/departments/ask_shadowman/ ?
From paragraph 'An astute reader asked'. I admit I don't know the answer to the
question in the last paragraph but something tells me the permissions are
intentional and shouldn't have been changed. Please verify it!

Comment 3 Radek Bíba 2006-04-20 16:53:27 UTC
Okay, current RH Mag issue talks about the permissions further and although finger
changelog says

* Wed May 17 2000 Chris Evans <chris@ferret.lmh.ox.ac.uk>
- make some files mode -rwx--x--x as a security hardening measure

even Linus doesn't find such restrictive mode much useful.

BTW, if you want to be consistent you may want to revert permissions of
/usr/sbin/in.fingerd back to 755, too.