I would recommend auditing your system. The permissions on these files are not sane, and I would not trust that these are the only ones.

Both the old and the new file permissions are insanely insecure. Whatever set the initial permissions should be sought out summarily executed.

Unix permissions are grouped into a type indicator, and three groups of three permission "bits".

• Char 1: type indicator. '-' is a "regular" file, 'd' is a directory, 'l' is a symlink, 'c' is a character special file, 'b' is a block special file, and so on.
• Char 2-4: Owner ("root" in this case) permissions. Read, Write, Execute.
• Char 5-7: Group ("wheel" in this case) permissions. Read, Write, Execute.
• Char 8-10: Other permissions. Read, Write, Execute.

What do you think happens when Read, Write, and Execute are enabled for other (hint: "other" is able to change the file)? Does a privileged user ever execute that file (hint: if "yes", "other" now has control over what privileged user is executing)?

The solution given by the mac forum is accurate (that command adds the execute bit to owner, group, and other), but is incomplete. You also need to remove the write permissions from those files. As mentioned above, I would not trust that these are the only files with insecure permissions.

Update: Removed assumptions about Unix knowledge (added 'hints').