[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: horse carcas flogging (was: traceroute in /usr/bin, not /usr/sbin)

On Mon, Jun 18, 2001 at 10:31:57AM -0500, Steve Langasek wrote:
> Doesn't it seem a little odd to be changing the permissions on a program to
> disallow user access, for no other reason than to further your claim that
> traceroute is an admin tool?  Debian is built on principles of openness, yet
> here we are discussing locking down access to a very useful tool -- not
> because it's a threat to system security, but because it's been dubbed an
> 'admin tool', and the proponents of this point of view would rather shoot
> their users in the foot than consider arguments to the contrary.  There simply
> isn't any justification for the assertion that traceroute is a 'system
> administration' tool.

Any program that's setuid is a potential threat to security.  That is one
reason why access to traceroute (and ping for that matter) should be limited 
to trusted (and hopefully clueful) individuals.

> But again, I'm assuming that the definition of 'system administrator'
> precludes users who don't have root access, and that a tool which is
> legitimately used by non-administrators is not a 'system administration tool'
> as defined by the FHS.  Since neither of these assumptions seems to be
> universally held, I invite you to provide another definition for 'system
> administrator' and 'system administration tool' that *by itself*, and *without
> referencing traceroute by name*, justifies the placement of traceroute in
> /usr/sbin.

System Administrator:  One who admins a UNIX system and/or any of the
services running on that system.

System Administration Tool:  A tool used by System Administrators (duh)

For instance, a DNS administrator (or group of DNS administrators) might have 
access to the DNS Admin account on a DNS server, but not root access to the 
box.  This happens all the time in large organizations where not everyone is 
allowed to have root.

Giving random lusers access to these tools is not advisable, since they
usually don't know how to use them properly, nor how to interpret the results 


Adam McKenna  <adam@debian.org>  <adam@flounder.net>

Reply to: