Re: Understanding /root, /usr, /var and so on
In linux.debian.user, gene.heskett wrote:
>
> I have a silly question though, why does the user need access to
> ifconfig? If the admin is doing his job, it seems that the network
On some (many?) boxes, the user == the administrator, just not logged
in as root. Not everyone has the privilege of owning their own admin.
Not everyone's insane enough to run non-Debian on their *own* boxes
given the choice.
> shouldn't have, nor need access to ifconfig. Giving everybody access
> to ifconfig and its ilk sure sounds like a big security hole to me.
Ridiculous:
- cd /sbin ; ./ifconfig
- cd ; /sbin/ifconfig
- "export PATH=/sbin:$PATH" (not that I'm suggesting anyone
do this :-)
I guess Debian's just full of security holes! :-P Oh, wait, this
works on any *nix box! CERT! Oh geez, look at all those other
powerful tools in /sbin they have access to as well! Aaiiiiii!
--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://www.spots.ab.ca/~keeling Linux Counter #80292
- - Spammers! http://www.spots.ab.ca/~keeling/emails.html
http://www.ietf.org/rfc/rfc1855.txt
Reply to: