Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: James Dennis <james@...>
From: Michael Reilly <michaelr@...>
Subject: Re: Changes to traceroute in newest release
Date: Tue, 16 Dec 2003 14:23:52 -0800
This is a worthwhile discussion.  Trying to censor/supress it is not
productive.

michael
On Tue, 16 Dec 2003 15:25:09 -0500
James Dennis <james@...> wrote:

> This whole discussion is getting ridiculous. Gentoo is clearly looking 
> to make a more secure _default_ install. You only have to su everytime 
> if you're too lazy to use chmod... which was already mentioned... so 
> how about we agree it's moot?
> -James
> 
> On Tuesday, December 16, 2003, at 01:16  PM, Michael Reilly wrote:
> 
> > On Tue, 16 Dec 2003 12:18:42 -0500
> > Kurt Lieber <klieber@g.o> wrote:
> >
> >> On Tue, Dec 16, 2003 at 11:59:00AM -0500 or thereabouts, David Olsen
> >> wrote:
> >>> Am I the only one that finds the newest changes to traceroute nothing
> >>> but a large inconvenience?
> >>
> >> Well, I can't speak for everyone else, but I certainly find the 
> >> changes
> >> welcome.
> >
> > I find the change offensive.  It is my system and I want the tools I 
> > install
> > to work.  There is no excuse for someone thinking they can force me to 
> > su
> > every time I want to run traceroute.  Of course the fix is obvious - 
> > chmod
> > 4755 traceroute.
> >
> > Why isn't this a USE option?
> >
> > I do hope the new traceroute works when set suid unlike another "tool" 
> > in
> > common use for looking at network traffic which refuses to run when 
> > set suid
> > - I have not tried it yet.
> >
> > michael
> >>
> >>> As near as I can figure, if I install traceroute, I want to use it, 
> >>> not
> >>> muck with permissions or su - everytime I care to do some network
> >>> analyzation.
> >>
> >> This is going to sound inflammatory, but I truly don't mean it as 
> >> such.
> >> That said, this is the mentality that caused Microsoft so many 
> >> problems
> >> with their products over the year.  They made a conscious decision 
> >> that
> >> usability concerns would (almost) always trump security concerns.  
> >> That
> >> led to lovely things like new shares having "Anyone/Full Control"
> >> permissions by default.
> >>
> >> At least on my servers, the only people I want using tools like
> >> traceroute/tracepath are those folks who are responsbible for
> >> administering them.  Those are the same people who have root access 
> >> on the
> >> server, so requiring them to type 'sudo' in front of the command isn't
> >> overly burdensome, imo.
> >>
> >> --kurt
> >>
> >
> >
> > -- 
> > ---- ---- ----
> > Michael Reilly    michaelr@...
> >     Cisco Systems, Santa Cruz, CA
> >
> > --
> > gentoo-security@g.o mailing list
> >
> >
> 
> 
> --
> gentoo-security@g.o mailing list


-- 
---- ---- ----
Michael Reilly    michaelr@...
    Cisco Systems, Santa Cruz, CA

--
gentoo-security@g.o mailing list

References:
Re: Changes to traceroute in newest release
-- Michael Reilly
Re: Changes to traceroute in newest release
-- James Dennis
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Changes to traceroute in newest release
Next by thread:
Re: Changes to traceroute in newest release
Previous by date:
Re: Changes to traceroute in newest release
Next by date:
Re: Changes to traceroute in newest release


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.