should source files with 755 permission be considered a bug?
by linuxUser247 from LinuxQuestions.org on (#55F8F)
my Integrated Development Environment generates source files in my home directory with 755 permissions. I understand that I am the only person with physical access to my Linux machine.
The issue here is that these files are never meant to be executed. Therefore, file permissions don't have a sane setting.
The correct setting should be at least 444, if not 440. I don't have enough knowledge on Linux security to estimate the impact this change would make to global system security. Because of this my personal approach is to provide as much security as I am capable of without affecting my workflow.
My concerns is that these are generated files. I must not intentionally modify file contents. I must not unintentionally modify file contents. Same for my group. My world shouldn't even know these files exist, yet alone execute them!
My question is whether this qualifies for a bug report or not? It's an upstream issue so I cannot apply changes myself.
The issue here is that these files are never meant to be executed. Therefore, file permissions don't have a sane setting.
The correct setting should be at least 444, if not 440. I don't have enough knowledge on Linux security to estimate the impact this change would make to global system security. Because of this my personal approach is to provide as much security as I am capable of without affecting my workflow.
My concerns is that these are generated files. I must not intentionally modify file contents. I must not unintentionally modify file contents. Same for my group. My world shouldn't even know these files exist, yet alone execute them!
My question is whether this qualifies for a bug report or not? It's an upstream issue so I cannot apply changes myself.