[Xymon] XyMon client binaries default security is bad

28 Feb 2013


      upgraded XyMon (clinet) to 4.3.10 (the same was at least in 4.3.5) and
notices all files in bin can read and execute privileges to everyone:
ls -l client/bin/
total 1840
-rwxr-xr-x  1 xymon monitor 161079 Feb 28 21:08 clientupdate
-rwxr-xr-x  1 xymon monitor 200250 Feb 28 21:08 logfetch
-rwxr-xr-x  1 xymon monitor 151256 Feb 28 21:08 msgcache
-rwxr-xr-x  1 xymon monitor 153905 Feb 28 21:08 orcaxymon
-rwxr-xr-x  1 xymon monitor 156173 Feb 28 21:08 xymon
-rwxr-xr-x  1 xymon monitor 133445 Feb 28 21:08 xymoncfg
....
I suppose it depends on umask setting during installation, but I would
be more happy if installation process setup more secured configuration
regardless of default settings.
At least: -rwxr-x---

[Xymon] XyMon client binaries default security is bad

a.chervonets＠cominder.eu