Antony Stone wrote: > On Tuesday 11 June 2002 9:55 pm, Ramin Alidousti wrote: > > > On Tue, Jun 11, 2002 at 09:40:53PM +0100, Antony Stone wrote: > > > On Tuesday 11 June 2002 9:38 pm, Tony Earnshaw wrote: [chomp] > > > > Did you say 'arp -a'? > > > > > > I would have done, if I knew I was root, but the commands I suggested > > > work for an unprivileged user too :-) > > > > If that information can be read by anybody then the wrapper program like > > arp can be run by anybody as well ;-) > > Well, on my system at least (Slackware 8.0), /proc/net/arp has permissions > -r--r--r-- so anyone can read it. The arp program is in /sbin, so it can > only be run by root.
Non sequiter. /sbin contains, by convention, binaries connected with system administration. That is *not* the same as "binaries that may only be executed by root". /sbin is not on non-root users' paths, by default, but that doesn't necessarily mean they can't execute stuff that lives there. Certainly, on my Debian Woody and Sid boxes here, the contents of /sbin are -rwxr-xr-x ;- the main thing stopping non-root users using some of them is a lack of privileges, not a lack of execute rights to the files. Specifically, arp lives in /usr/sbin on my boxen, and whilst that's not on my normal user's path, and the files are owned by root.root, I can quite happily: /usr/sbin/arp -a as any user. Similarly, a non-privileged user has no problems running /sbin/route. hth Adam
