I am starting an open source Python library that my company expects will be used by all of our customers. Since I am a sucker for proper presentation and practices, I have a question about file modes as saved by git. However, I want to avoid turning this into a best-practice type of discussion discouraged by StackOverflow, so here is the question in a form seeking a concrete answer:
Is there a reason why I shouldn't set Python examples in my library to be executable? I tend to set the executable flag on Python that I need to run and would prefer to do so (simply because it's generally slightly easier to type ./ than python), but I have noticed that most open source libraries differ from that in practice. I don't feel that such security should be manifested that way, but I want to make sure. I would not be setting library files to be executable, just example files or tests that I feel should be executable.
As a related question, should library files that are never meant to be executed directly omit the hashbang (#!/usr/bin/env python) on the first line?
Personally, I only set files I intend to be executed as scripts as executable. Using a least permissive model is a smart, if not ideal, design choice when it comes to security. If you don't need the permissions, don't use them.
I don't see any reason why omitting the shebang is a bad idea, other than if someone else wants to make the file executable they have two steps instead of one.
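An added example, not part of the question or answer above: a small audit that flags Python files whose executable bit and shebang line disagree, one way to check a tree against the "only scripts are executable" convention before committing. The function names, file names and sample tree are constructed for illustration; the check relies on git recording only the owner execute bit (mode 100755 versus 100644).

```python
import os
import stat
import tempfile


def audit_modes(root):
    """Return sorted (relative_path, finding) pairs for .py files under root
    whose executable bit and shebang line disagree."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # skip git metadata
        for name in filenames:
            if not name.endswith(".py"):
                continue
            path = os.path.join(dirpath, name)
            # git stores only the owner execute bit (100755 vs 100644)
            executable = bool(os.stat(path).st_mode & stat.S_IXUSR)
            with open(path, "rb") as fh:
                has_shebang = fh.read(2) == b"#!"
            rel = os.path.relpath(path, root)
            if executable and not has_shebang:
                findings.append((rel, "executable without shebang"))
            elif has_shebang and not executable:
                findings.append((rel, "shebang without executable bit"))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample layout (hypothetical file names) for the demo."""
    samples = {
        "mylib/core.py": (0o644, "def f():\n    return 1\n"),
        "mylib/util.py": (0o644, "#!/usr/bin/env python\nX = 1\n"),
        "examples/demo.py": (0o755, "#!/usr/bin/env python\nprint('hi')\n"),
        "examples/broken.py": (0o755, "print('no interpreter line')\n"),
    }
    for rel, (mode, text) in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(text)
        os.chmod(path, mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, finding in audit_modes(tmp):
            print(f"{rel}: {finding}")
```

Run against a real checkout by passing the repository root to `audit_modes`; an empty result means every executable `.py` file has a shebang and no non-executable file carries one.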