Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Patrick Börjesson <psycho@...>
Subject: Re: Changes to traceroute in newest release
Date: Tue, 16 Dec 2003 22:43:32 +0100
> > This whole discussion is getting ridiculous. Gentoo is clearly
> > looking to make a more secure _default_ install. You only have to su
> > everytime if you're too lazy to use chmod... which was already
> > mentioned... so how about we agree it's moot?
> > -James
> 
> The point was traceroute is _not_ installed by default. An admin
> desiring to install this software, in my case, on several hundred
> servers, I don't want to have to chmod traceroute on all those boxes,
> everytime there's an update to traceoute because of what could be
> deemed a poor choice for security. 
> 
> I don't see where the discussion has gotten moot or off-track. If
> enough of the community wants it back the way it was, I assume Gentoo
> developers will respond as such.

I'd guess that the people that want software installed insecurely by
default are a minority among users (or atleast I hope so). Per default
most distributions try to minimize the number of applications that are
installed suid root, which I hope Gentoo will too.
Those that have taken all the security related considerations and still
want traceroute installed suid root should either modify the ebuild and
stash it in their overlay, or install something like cfengine that
sets permissions to their needs.

Patrick Börjesson

-- 
Public key ID: 4C5AB0BF
Public key available at wwwkeys.pgp.net
Attachment:
pgpwStcjt7g8h.pgp (PGP signature)
References:
Re: Changes to traceroute in newest release
-- Michael Reilly
Re: Changes to traceroute in newest release
-- James Dennis
Re: Changes to traceroute in newest release
-- David Olsen
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Changes to traceroute in newest release
Next by thread:
Re: Changes to traceroute in newest release
Previous by date:
Re: Changes to traceroute in newest release
Next by date:
Re: Changes to traceroute in newest release


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.