I am interested in the full impact of the read permission for binary executables. Indeed, I have encountered some behaviors that I wish to understand.
Let’s say I have a C program that just calls sleep(300). When the binary has the read permission, I am able to inspect the /proc/$PID folder associated with the running program. But when I removed this permission, I cannot access said folder: it does not exist.
Similarly, if I have a more clever program that copies str from one pointer to another, calling strace on this executable will yield better results if the binary is “readable”. (For example, strace will show what every pointer points to.) Since strace relies on ptrace to analyze the running program internals, I don’t understand the impact of the read permission. Indeed, I believe the read permission would only be relevant for static analysis, which relies on reading the binary.
Given the observed impact of the read permission, does that mean it is a good practice to remove the read permission of all the binaries on servers where security is critical?
Answer
It’s certainly possible on Linux to have a binary with only execute permissions, as you’ve discovered. Doing this has the potential to cause problems with troubleshooting, as you’ve also discovered, because it makes the process harder to instrument.
I’ve certainly seen installations where the administrators have systematically removed read permissions from all their own binaries. I’ve sometimes felt that doing this has caused problems, although the installations where this kind of thing was done were so complex that it was difficult to be certain.
I guess you have to weigh up the benefit of a small increase in security, with a small decrease in serviceability. My experience is that, whatever the merits of removing read permissions, it doesn’t seem to be a common practice in the Linux world.
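For weighing that trade-off on a given server, it helps to know which binaries are already execute-only. The following audit script is an added example, not part of the original question or answer; the default directory `/usr/local/bin` and the function names are assumptions chosen for illustration. It lists regular files where some permission class (owner, group or other) may execute but not read.

```python
import os
import stat
import sys

# (class name, read bit, execute bit) for owner, group and other
CLASSES = (
    ("owner", stat.S_IRUSR, stat.S_IXUSR),
    ("group", stat.S_IRGRP, stat.S_IXGRP),
    ("other", stat.S_IROTH, stat.S_IXOTH),
)


def execute_only_classes(mode):
    """Return the permission classes that may execute but not read."""
    return [name for name, r, x in CLASSES if mode & x and not mode & r]


def audit(roots):
    """Walk roots and return {path: [classes]} for execute-only regular files."""
    findings = {}
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                try:
                    st = os.lstat(path)  # lstat: do not follow symlinks
                except OSError:
                    continue  # file vanished or directory not searchable
                if not stat.S_ISREG(st.st_mode):
                    continue
                classes = execute_only_classes(st.st_mode)
                if classes:
                    findings[path] = classes
    return findings


if __name__ == "__main__":
    # Directories to scan come from the command line (assumed default below).
    roots = sys.argv[1:] or ["/usr/local/bin"]
    for path, classes in sorted(audit(roots).items()):
        mode = stat.filemode(os.lstat(path).st_mode)
        print(f"{mode} {path}  execute-only for: {', '.join(classes)}")
```

The script inspects mode bits only, so it reports the same result whichever user runs it; ACLs and mount options are not considered.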