1 |
On 2003-12-16 at 12:18:42, Kurt Lieber <klieber@g.o> wrote: |
2 |
> This is going to sound inflammatory, but I truly don't mean it as such. |
3 |
Opinions are just that. Mature people with mature opinons should accept as |
4 |
such. |
5 |
|
6 |
> At least on my servers, the only people I want using tools like |
7 |
> traceroute/tracepath are those folks who are responsbible for administering |
8 |
> them. Those are the same people who have root access on the server, so |
9 |
> requiring them to type 'sudo' in front of the command isn't overly |
10 |
> burdensome, imo. |
11 |
That means I have to either give my staff sudo access to use traceroute, |
12 |
when I want them to be able to use it to diagnose network problems. And set |
13 |
up in this same "security mindset", sudo will require a password upon |
14 |
execution. |
15 |
|
16 |
A (imho) better solution would be to perhaps do a 4750 by default, and give |
17 |
it to a specific group, say "staff" or the like, this way I can add my staff |
18 |
to that particular group once, and not have to muck permissions everytime a |
19 |
new release of traceroute comes out. |
20 |
|
21 |
$.02 + $.02 makes $.04, I should get an old top hat to collect the change.. |
22 |
|
23 |
-d |