Re: traceroute vs. traceroute6
Josip Rodin wrote:
>
> On Fri, Jul 28, 2000 at 07:36:46PM +1000, Herbert Xu wrote:
> > > so the question is why is it installed as suid?
> >
> > What's that got to do with anything?
>
> It's got to do with the fact that you allow the users to run it. And once
> you do that, it's no longer an admin-only command. To quote the FHS:
>
> # 4.7 /usr/sbin : Non-essential standard system binaries
> #
> # This directory contains any non-essential binaries used exclusively by
> # the system administrator.
>
> Notice the _exclusively_.
It used to be considered that traceroute could put too much load
on the network to be allow normal users to execute it, hence it
formally _was_ for exclusive use of the sysadmin. Hence, the
traditional location in /usr/sbin... which doesn't mean it must
stay there, of course.
With increases in network bandwidth, and more-and-more freedom
and decentralization in Computing, network diagnostic tools
are no longer considered the exclusive province of the sysadmin.
> > There are other setuid binaries in sbin and /usr/sbin as well.
>
> % find /sbin /usr/sbin -perm 4755
> /sbin/unix_chkpwd [1]
> /usr/sbin/traceroute
>
> OTOH:
>
> % find /bin /usr/bin -perm 4755
> /bin/login
> /bin/mount
> /bin/umount
These last two also used to be the exclusive perogative of the
sysadmin, in fact, on Solaris and HP-UX, they are in /usr/sbin,
while in AIX, they are in /etc (GHACKK!) I suppose, since
the advent of the user and users options in mounting, that
they no longer need to stay there, and that's why they're
already moved in Debian.
> ...
--
Bolan.Meek@wcom.com 972-729-5387
bolan@koyote.com (home ph. on Q) http://www.koyote.com/users/bolan
RE: xmailtool http://www.koyote.com/users/bolan/xmailtool/index.html
RMS of Borg: "Resistance is futile; you shall be freed."
Reply to: