Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: Kurt Lieber <klieber@g.o>
From: Michael Reilly <michaelr@...>
Subject: Re: Changes to traceroute in newest release
Date: Tue, 16 Dec 2003 10:16:14 -0800
On Tue, 16 Dec 2003 12:18:42 -0500
Kurt Lieber <klieber@g.o> wrote:

> On Tue, Dec 16, 2003 at 11:59:00AM -0500 or thereabouts, David Olsen
> wrote:
> > Am I the only one that finds the newest changes to traceroute nothing
> > but a large inconvenience?
> 
> Well, I can't speak for everyone else, but I certainly find the changes
> welcome.

I find the change offensive.  It is my system and I want the tools I install
to work.  There is no excuse for someone thinking they can force me to su
every time I want to run traceroute.  Of course the fix is obvious - chmod
4755 traceroute.

Why isn't this a USE option?

I do hope the new traceroute works when set suid unlike another "tool" in
common use for looking at network traffic which refuses to run when set suid
- I have not tried it yet.

michael
> 
> > As near as I can figure, if I install traceroute, I want to use it, not
> > muck with permissions or su - everytime I care to do some network
> > analyzation.
> 
> This is going to sound inflammatory, but I truly don't mean it as such.
> That said, this is the mentality that caused Microsoft so many problems
> with their products over the year.  They made a conscious decision that
> usability concerns would (almost) always trump security concerns.  That
> led to lovely things like new shares having "Anyone/Full Control"
> permissions by default.
> 
> At least on my servers, the only people I want using tools like
> traceroute/tracepath are those folks who are responsbible for
> administering them.  Those are the same people who have root access on the
> server, so requiring them to type 'sudo' in front of the command isn't
> overly burdensome, imo.
> 
> --kurt
> 


-- 
---- ---- ----
Michael Reilly    michaelr@...
    Cisco Systems, Santa Cruz, CA

--
gentoo-security@g.o mailing list

Replies:
Re: Changes to traceroute in newest release
-- James Dennis
Re: Changes to traceroute in newest release
-- Mark Guertin
References:
Changes to traceroute in newest release
-- David Olsen
Re: Changes to traceroute in newest release
-- Kurt Lieber
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Changes to traceroute in newest release
Next by thread:
Re: Changes to traceroute in newest release
Previous by date:
Re: Changes to traceroute in newest release
Next by date:
Re: Changes to traceroute in newest release


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.