1 |
On Tue, 16 Dec 2003 12:18:42 -0500 |
2 |
Kurt Lieber <klieber@g.o> wrote: |
3 |
|
4 |
> On Tue, Dec 16, 2003 at 11:59:00AM -0500 or thereabouts, David Olsen |
5 |
> wrote: |
6 |
> > Am I the only one that finds the newest changes to traceroute nothing |
7 |
> > but a large inconvenience? |
8 |
> |
9 |
> Well, I can't speak for everyone else, but I certainly find the changes |
10 |
> welcome. |
11 |
|
12 |
I find the change offensive. It is my system and I want the tools I install |
13 |
to work. There is no excuse for someone thinking they can force me to su |
14 |
every time I want to run traceroute. Of course the fix is obvious - chmod |
15 |
4755 traceroute. |
16 |
|
17 |
Why isn't this a USE option? |
18 |
|
19 |
I do hope the new traceroute works when set suid unlike another "tool" in |
20 |
common use for looking at network traffic which refuses to run when set suid |
21 |
- I have not tried it yet. |
22 |
|
23 |
michael |
24 |
> |
25 |
> > As near as I can figure, if I install traceroute, I want to use it, not |
26 |
> > muck with permissions or su - everytime I care to do some network |
27 |
> > analyzation. |
28 |
> |
29 |
> This is going to sound inflammatory, but I truly don't mean it as such. |
30 |
> That said, this is the mentality that caused Microsoft so many problems |
31 |
> with their products over the year. They made a conscious decision that |
32 |
> usability concerns would (almost) always trump security concerns. That |
33 |
> led to lovely things like new shares having "Anyone/Full Control" |
34 |
> permissions by default. |
35 |
> |
36 |
> At least on my servers, the only people I want using tools like |
37 |
> traceroute/tracepath are those folks who are responsbible for |
38 |
> administering them. Those are the same people who have root access on the |
39 |
> server, so requiring them to type 'sudo' in front of the command isn't |
40 |
> overly burdensome, imo. |
41 |
> |
42 |
> --kurt |
43 |
> |
44 |
|
45 |
|
46 |
-- |
47 |
---- ---- ---- |
48 |
Michael Reilly michaelr@×××××.com |
49 |
Cisco Systems, Santa Cruz, CA |
50 |
|
51 |
-- |
52 |
gentoo-security@g.o mailing list |