[opensuse] Re: [opensuse-factory] Making Basic Utilities work under normal user - openSUSE Users - openSUSE Mailing Lists

newer
[opensuse] beryl and video

[opensuse] Re: [opensuse-factory] Making Basic Utilities work under normal user

older
RE: [opensuse] setting up PTR DNS...

Druid

30 May 2007 30 May '07

12:38

On 5/30/07, Alexey Eremenko wrote:

Adding /sbin/ to user's $PATH doesn't lower your security. (because

Thats your oppinion or do you have some way to prove that? Its very interesting that everybody using linux and defining LSB and FHS are wrong and you are correct... Let's not make some weirdness that will make us a joke among the linux distros, ok? Pascal said everything... Marcio --- druid -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

Reply

Sign in to reply online Use email software

Show replies by date

Carlos E. R.

30 May 30 May

12:47

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2007-05-30 at 09:38 -0300, Druid wrote:

On 5/30/07, Alexey Eremenko wrote:

...
Adding /sbin/ to user's $PATH doesn't lower your security. (because

Thats your oppinion or do you have some way to prove that?

It does neither improve neither lower it. Obscurity is not security. It is not necesary, it may not be inconvenient, but it is not insecure. Programs that a user should not use are simply not executable by him. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFGXXJvtTMYHG2NR9URAkR7AJ4+G9caqWCrf7ecM7rqBaezNQxtqgCgiXlF dseK+8I/X3gncU3Rc63yxgM= =XfDh -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

Reply

Sign in to reply online Use email software

Druid

16:31

...
Thats your oppinion or do you have some way to prove that?

It does neither improve neither lower it. Obscurity is not security.

Breaking standards among the linux distros improves anything? And here we are again wasting time in a dumb discussion... Thanks a lot, alexey, again, for making people waste time with your lunatic thoughts.... regards Marcio --- druid -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

Reply

Sign in to reply online Use email software

JB2

19:08

On Wed 30 May 07 11:31, Druid wrote:

lunatic

You've finally started to help yourself by recognizing of your problem. Now, go get treatment for it. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

Reply

Sign in to reply online Use email software

Alexey Eremenko

19:22

On 5/30/07, Druid wrote:

On 5/30/07, Alexey Eremenko wrote:

...
Adding /sbin/ to user's $PATH doesn't lower your security. (because

Thats your oppinion or do you have some way to prove that?

1. Well, you're still bound to the Linux security model. 2. as a normal user can execute /sbin/* programs anyways. 3. ifconfig executed by the user can only be used for show command 4. try run ifconfig as a normal user, like that: "ifconfig eth0 10.0.0.1" to change something. This will fail, because of rule 1. That is - while the /sbin/* command are available to type, they are *only* functioning to the point allowed for non-root users. Users don't get any extra privileges because of changing the $PATH. 5. The above proves that security is stayed the same. -- -Alexey Eremenko "Technologov" -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

Reply

Sign in to reply online Use email software

Kenneth Schneider

20:35

New subject: [opensuse] Re: [opensuse-factory] Making Basic Utilities work under normal user

On Wed, 2007-05-30 at 21:22 +0200, Alexey Eremenko wrote:

On 5/30/07, Druid wrote:

...
On 5/30/07, Alexey Eremenko wrote:

...
Adding /sbin/ to user's $PATH doesn't lower your security. (because

Thats your oppinion or do you have some way to prove that?

1. Well, you're still bound to the Linux security model. 2. as a normal user can execute /sbin/* programs anyways. 3. ifconfig executed by the user can only be used for show command 4. try run ifconfig as a normal user, like that: "ifconfig eth0 10.0.0.1" to change something. This will fail, because of rule 1. That is - while the /sbin/* command are available to type, they are *only* functioning to the point allowed for non-root users. Users don't get any extra privileges because of changing the $PATH. 5. The above proves that security is stayed the same.

Then write the LSB people and tell them to change the standard and quit your bitching here about it. And remember you can always customize your install of linux to _your_ liking which is not necessarily my liking. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

Reply

Sign in to reply online Use email software

M Harris

22:14

On Wednesday 30 May 2007 14:22, Alexey Eremenko wrote:

...
...
Adding /sbin/ to user's $PATH doesn't lower your security. (because

Thats your oppinion or do you have some way to prove that?

1. Well, you're still bound to the Linux security model. hi Alexey, The security model is not the issue. In fact, security really has nothing to do with the core issue here--- the other respondents are attempting to address the LSB issue which is unfortunately at permanent odds with your idea regarding sbin utils. What is at stake is the Linux Standard Base, and LSB certification compliance. Please reference the following link:

http://www.linux-foundation.org/en/Products The products listed above are certified to be in compliance with the open standards ---Linux Standard Base... for instance openSUSE 10.0 is in compliance with the core LSB version 3.0. There are lots of good ways to organize a system... and I could probably think of some myself... but the idea here is to prevent Linux from fragmenting. What differentiates one distribution from another should *not* be its basic organization and functionality. I should be able to drive Fedora just as easily as openSUSE, as Ubuntu. The greater benefit of course that comes from LSB is an open standard development platform. We want developers to write code for Linux... and the only way that really works in practice is to have the core system pretty much an open standard so that developers know what to expect... not to mention users! ---a new app should install and run fine on Fedora, and on openSUSE, and on Ubuntu. LSB is a good thing for everyone over the long haul. -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org

Reply

Sign in to reply online Use email software

6181

Age (days ago)

6181

Last active (days ago)

Download

6 comments

6 participants

tags

participants (6)

Alexey Eremenko
Carlos E. R.
Druid
JB2
Kenneth Schneider
M Harris