diff options
Diffstat (limited to 'tags/n/non-standard-executable-perm.tag')
-rw-r--r-- | tags/n/non-standard-executable-perm.tag | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/tags/n/non-standard-executable-perm.tag b/tags/n/non-standard-executable-perm.tag new file mode 100644 index 0000000..119271f --- /dev/null +++ b/tags/n/non-standard-executable-perm.tag @@ -0,0 +1,8 @@ +Tag: non-standard-executable-perm +Severity: warning +Check: files/permissions +Explanation: Executables that are not setuid or setgid should always have a mode + of 0755. Since anyone can obtain the executable by downloading the + Debian package and extracting it, restricting access serves little + purpose. +See-Also: debian-policy 10.9 |