On Wed, 2007-05-30 at 21:22 +0200, Alexey Eremenko wrote: > On 5/30/07, Druid <[EMAIL PROTECTED]> wrote: > > On 5/30/07, Alexey Eremenko <[EMAIL PROTECTED]> wrote: > > > Adding /sbin/ to user's $PATH doesn't lower your security. (because > > > > Thats your oppinion or do you have some way to prove that? > > > 1. Well, you're still bound to the Linux security model. > 2. as a normal user can execute /sbin/* programs anyways. > 3. ifconfig executed by the user can only be used for show command > 4. try run ifconfig as a normal user, like that: "ifconfig eth0 > 10.0.0.1" to change something. > This will fail, because of rule 1. > That is - while the /sbin/* command are available to type, they are > *only* functioning to the point allowed for non-root users. Users > don't get any extra privileges because of changing the $PATH. > 5. The above proves that security is stayed the same. >
Then write the LSB people and tell them to change the standard and quit your bitching here about it. And remember you can always customize your install of linux to _your_ liking which is not necessarily my liking. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
