| 1 |
On 2003-12-16 at 12:18:42, Kurt Lieber <klieber@g.o> wrote: |
| 2 |
> This is going to sound inflammatory, but I truly don't mean it as such. |
| 3 |
Opinions are just that. Mature people with mature opinons should accept as |
| 4 |
such. |
| 5 |
|
| 6 |
> At least on my servers, the only people I want using tools like |
| 7 |
> traceroute/tracepath are those folks who are responsbible for administering |
| 8 |
> them. Those are the same people who have root access on the server, so |
| 9 |
> requiring them to type 'sudo' in front of the command isn't overly |
| 10 |
> burdensome, imo. |
| 11 |
That means I have to either give my staff sudo access to use traceroute, |
| 12 |
when I want them to be able to use it to diagnose network problems. And set |
| 13 |
up in this same "security mindset", sudo will require a password upon |
| 14 |
execution. |
| 15 |
|
| 16 |
A (imho) better solution would be to perhaps do a 4750 by default, and give |
| 17 |
it to a specific group, say "staff" or the like, this way I can add my staff |
| 18 |
to that particular group once, and not have to muck permissions everytime a |
| 19 |
new release of traceroute comes out. |
| 20 |
|
| 21 |
$.02 + $.02 makes $.04, I should get an old top hat to collect the change.. |
| 22 |
|
| 23 |
-d |
Archives