Re: horse carcas flogging (was: traceroute in /usr/bin, not /usr/sbin)
On Mon, Jun 18, 2001 at 10:31:57AM -0500, Steve Langasek wrote:
> Doesn't it seem a little odd to be changing the permissions on a program to
> disallow user access, for no other reason than to further your claim that
> traceroute is an admin tool? Debian is built on principles of openness, yet
> here we are discussing locking down access to a very useful tool -- not
> because it's a threat to system security, but because it's been dubbed an
> 'admin tool', and the proponents of this point of view would rather shoot
> their users in the foot than consider arguments to the contrary. There simply
> isn't any justification for the assertion that traceroute is a 'system
> administration' tool.
Any program that's setuid is a potential threat to security. That is one
reason why access to traceroute (and ping for that matter) should be limited
to trusted (and hopefully clueful) individuals.
> But again, I'm assuming that the definition of 'system administrator'
> precludes users who don't have root access, and that a tool which is
> legitimately used by non-administrators is not a 'system administration tool'
> as defined by the FHS. Since neither of these assumptions seems to be
> universally held, I invite you to provide another definition for 'system
> administrator' and 'system administration tool' that *by itself*, and *without
> referencing traceroute by name*, justifies the placement of traceroute in
System Administrator: One who admins a UNIX system and/or any of the
services running on that system.
System Administration Tool: A tool used by System Administrators (duh)
For instance, a DNS administrator (or group of DNS administrators) might have
access to the DNS Admin account on a DNS server, but not root access to the
box. This happens all the time in large organizations where not everyone is
allowed to have root.
Giving random lusers access to these tools is not advisable, since they
usually don't know how to use them properly, nor how to interpret the results
Adam McKenna <email@example.com> <firstname.lastname@example.org>