On 5/30/07, Druid
On 5/30/07, Alexey Eremenko
wrote: Adding /sbin/ to user's $PATH doesn't lower your security. (because
Thats your oppinion or do you have some way to prove that?
1. Well, you're still bound to the Linux security model. 2. as a normal user can execute /sbin/* programs anyways. 3. ifconfig executed by the user can only be used for show command 4. try run ifconfig as a normal user, like that: "ifconfig eth0 10.0.0.1" to change something. This will fail, because of rule 1. That is - while the /sbin/* command are available to type, they are *only* functioning to the point allowed for non-root users. Users don't get any extra privileges because of changing the $PATH. 5. The above proves that security is stayed the same. -- -Alexey Eremenko "Technologov" -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org