Comment by Joker_vD
14 days ago
Honestly, sometimes I just want to mark all files on a Linux system as executable and see what would even break and why. Seriously, why is there a whole bit for something that's essentially an 'read permission, but you can also directly execute it from the shell'?
It’s a security thing, in conjunction with sudoers, I think.
From the days when UNIX was primarily multiuser/timeshare. You can prevent users from running wacky stuff with the umask.
No you can't. If a user can read something, it can execute it. The only thing where it matters is setuid applications where the setuid bit allows the user to run an application as someone else. But it's already a separate permission bit, and frankly, the whole setuid idea turned out to be quite a high-maintenance design in the end, with lots of additional features heaped on top of it to help mitigate the worst vulnerabilities.