On Wed, 2007-05-30 at 21:22 +0200, Alexey Eremenko wrote:
On 5/30/07, Druid
wrote: On 5/30/07, Alexey Eremenko
wrote: Adding /sbin/ to user's $PATH doesn't lower your security. (because
Thats your oppinion or do you have some way to prove that?
1. Well, you're still bound to the Linux security model. 2. as a normal user can execute /sbin/* programs anyways. 3. ifconfig executed by the user can only be used for show command 4. try run ifconfig as a normal user, like that: "ifconfig eth0 10.0.0.1" to change something. This will fail, because of rule 1. That is - while the /sbin/* command are available to type, they are *only* functioning to the point allowed for non-root users. Users don't get any extra privileges because of changing the $PATH. 5. The above proves that security is stayed the same.
Then write the LSB people and tell them to change the standard and quit your bitching here about it. And remember you can always customize your install of linux to _your_ liking which is not necessarily my liking. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org