Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: David Olsen <do@...>
From: Kurt Lieber <klieber@g.o>
Subject: Re: Changes to traceroute in newest release
Date: Tue, 16 Dec 2003 12:37:59 -0500
On Tue, Dec 16, 2003 at 12:29:02PM -0500 or thereabouts, David Olsen wrote:
> A (imho) better solution would be to perhaps do a 4750 by default, and give
> it to a specific group, say "staff" or the like, this way I can add my staff
> to that particular group once, and not have to muck permissions everytime a
> new release of traceroute comes out.

Fair enough -- that is another way of looking at it.  One of my favorite
newgroup signatures I've seen is "There are two rules to UNIX
administration.  Rule 1: There is always more than one way to do the same
thing.  Rule 2: Someone thinks that your way is wrong." :)

This is semi-overkill for this specific problem, but one tool for general
system administration that we use with *extremely* good results is
cfengine. (http://www.cfengine.org)  It allows me to say, "I don't care
what anyone else says, I always want the permissions of /bin/foo to be 0600
and owned by someuser:somegroup"  It runs periodically and checks to make
sure things are as you want them to be.  (It does a lot of other nifty
things, btw -- it's a very powerful, useful tool)

As I said, overkill for this specific solution, but an excellent solution
for ensuring that your systems, as a whole, are kept in a "known good"
state, according to your wants and needs, rather than those of the package
maintainer.  And, anyone who knows me knows that I rarely pass up an
opportunity to promote cfengine. :)

--kurt
Attachment:
pgp08GvNdfkfE.pgp (PGP signature)
Replies:
Re: Changes to traceroute in newest release
-- Lance Albertson
References:
Changes to traceroute in newest release
-- David Olsen
Re: Changes to traceroute in newest release
-- Kurt Lieber
Re: Changes to traceroute in newest release
-- David Olsen
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Changes to traceroute in newest release
Next by thread:
Re: Changes to traceroute in newest release
Previous by date:
Re: Changes to traceroute in newest release
Next by date:
Re: Changes to traceroute in newest release


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.