1 |
On Sat, May 03, 2003 at 04:02:02PM +0200, Thomas Weidner wrote: |
2 |
> why are /sbin and /usr/sbin binaries' permissions 555 and not 550 ? |
3 |
|
4 |
It's not because the tools are for administrative duties that you have to |
5 |
make sure users cannot run them. There are some tools that users want to be |
6 |
able to run (route and ifconfig amongst others), even if it's just to gather |
7 |
information. |
8 |
|
9 |
If you really want to disable their usage, make the directories /sbin and |
10 |
/usr/sbin 750 or even 700. |
11 |
|
12 |
Wkr, |
13 |
Sven Vermeulen |
14 |
|
15 |
-- |
16 |
Thanks to DRM, you know that something has been built in environment of |
17 |
unspecified degree of security, from source you cannot check, written by |
18 |
programmers you don't know, released after passing QA of unknown quality and |
19 |
which is released under a license that disclaims any responsibility... |