Security permissions for .r

[jsharma]

Hi

I am new to Progress. I have a progress source file, which I compiled and got a .r file. I have given only --x--x--x permissions to the .r file. With these permission I am unable to execute the file. But when I give the permissions r-xr-xr-x, the file gets executed.

Is it mandatory that the executable file has the read access as well?

Thanks
JSharma

 

[vinod_home]

Hi,

I dont think this a progress problem. Even if you have a shell script, and change the permissions to ---x--x--x, you cannot execute it. If you cannot read a file you will not be able to execute the file.

HTH

 

[methyl]

Suitable general unix permissions for Progress ".r" are "-rw-r--r--" . Only the owner can update the ".r" code and everyone can read the ".r" code.
Unix execute permission are only relevant to programs or scripts which can be executed by unix. For example the unix script "pro" and the program it calls ("_progres") both need unix execute permissions.
Progress ".r" code is not unix binary code. It is a compiled format unique to Progress. The Progress client program needs unix read permissions to retrieve the ".r" code which it then executes in its own environment - including passing i/o requests to the background database engine.
You still need read and execute permissions on the directories containing the ".r" code e.g. "drwxr-xr-x" because this controls whether unix programs (including "_progres") are allowed to access the directory itself and it gives some control over hackers and tinkerers changing things.
[font=r_ansi]Gurus on secure sites will no doubt tighten the unix permissions further.
[/font]