Gentoo Logo

About | Projects | Docs | Forums | Lists | Bugs | Get Gentoo! | Support | Planet | Wiki

Gentoo Spaceship
Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: James Dennis <james@...>
Subject: Re: Changes to traceroute in newest release
Date: Tue, 16 Dec 2003 15:25:09 -0500 
This whole discussion is getting ridiculous. Gentoo is clearly looking 
to make a more secure _default_ install. You only have to su everytime 
if you're too lazy to use chmod... which was already mentioned... so 
how about we agree it's moot?
-James

On Tuesday, December 16, 2003, at 01:16  PM, Michael Reilly wrote:

> On Tue, 16 Dec 2003 12:18:42 -0500
> Kurt Lieber <klieber@g.o> wrote:
>
>> On Tue, Dec 16, 2003 at 11:59:00AM -0500 or thereabouts, David Olsen
>> wrote:
>>> Am I the only one that finds the newest changes to traceroute nothing
>>> but a large inconvenience?
>>
>> Well, I can't speak for everyone else, but I certainly find the 
>> changes
>> welcome.
>
> I find the change offensive.  It is my system and I want the tools I 
> install
> to work.  There is no excuse for someone thinking they can force me to 
> su
> every time I want to run traceroute.  Of course the fix is obvious - 
> chmod
> 4755 traceroute.
>
> Why isn't this a USE option?
>
> I do hope the new traceroute works when set suid unlike another "tool" 
> in
> common use for looking at network traffic which refuses to run when 
> set suid
> - I have not tried it yet.
>
> michael
>>
>>> As near as I can figure, if I install traceroute, I want to use it, 
>>> not
>>> muck with permissions or su - everytime I care to do some network
>>> analyzation.
>>
>> This is going to sound inflammatory, but I truly don't mean it as 
>> such.
>> That said, this is the mentality that caused Microsoft so many 
>> problems
>> with their products over the year.  They made a conscious decision 
>> that
>> usability concerns would (almost) always trump security concerns.  
>> That
>> led to lovely things like new shares having "Anyone/Full Control"
>> permissions by default.
>>
>> At least on my servers, the only people I want using tools like
>> traceroute/tracepath are those folks who are responsbible for
>> administering them.  Those are the same people who have root access 
>> on the
>> server, so requiring them to type 'sudo' in front of the command isn't
>> overly burdensome, imo.
>>
>> --kurt
>>
>
>
> -- 
> ---- ---- ----
> Michael Reilly    michaelr@...
>     Cisco Systems, Santa Cruz, CA
>
> --
> gentoo-security@g.o mailing list
>
>


--
gentoo-security@g.o mailing list
Replies:
Re: Changes to traceroute in newest release
-- Michael Reilly
Re: Changes to traceroute in newest release
-- David Olsen
References:
Re: Changes to traceroute in newest release
-- Michael Reilly
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Changes to traceroute in newest release
Next by thread:
Re: Changes to traceroute in newest release
Previous by date:
Re: Changes to traceroute in newest release
Next by date:
Re: Changes to traceroute in newest release


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.