1 |
> > This whole discussion is getting ridiculous. Gentoo is clearly |
2 |
> > looking to make a more secure _default_ install. You only have to su |
3 |
> > everytime if you're too lazy to use chmod... which was already |
4 |
> > mentioned... so how about we agree it's moot? |
5 |
> > -James |
6 |
> |
7 |
> The point was traceroute is _not_ installed by default. An admin |
8 |
> desiring to install this software, in my case, on several hundred |
9 |
> servers, I don't want to have to chmod traceroute on all those boxes, |
10 |
> everytime there's an update to traceoute because of what could be |
11 |
> deemed a poor choice for security. |
12 |
> |
13 |
> I don't see where the discussion has gotten moot or off-track. If |
14 |
> enough of the community wants it back the way it was, I assume Gentoo |
15 |
> developers will respond as such. |
16 |
|
17 |
I'd guess that the people that want software installed insecurely by |
18 |
default are a minority among users (or atleast I hope so). Per default |
19 |
most distributions try to minimize the number of applications that are |
20 |
installed suid root, which I hope Gentoo will too. |
21 |
Those that have taken all the security related considerations and still |
22 |
want traceroute installed suid root should either modify the ebuild and |
23 |
stash it in their overlay, or install something like cfengine that |
24 |
sets permissions to their needs. |
25 |
|
26 |
Patrick Börjesson |
27 |
|
28 |
-- |
29 |
Public key ID: 4C5AB0BF |
30 |
Public key available at wwwkeys.pgp.net |