| 1 |
On Tue, 16 Dec 2003 12:18:42 -0500 |
| 2 |
Kurt Lieber <klieber@g.o> wrote: |
| 3 |
|
| 4 |
> On Tue, Dec 16, 2003 at 11:59:00AM -0500 or thereabouts, David Olsen |
| 5 |
> wrote: |
| 6 |
> > Am I the only one that finds the newest changes to traceroute nothing |
| 7 |
> > but a large inconvenience? |
| 8 |
> |
| 9 |
> Well, I can't speak for everyone else, but I certainly find the changes |
| 10 |
> welcome. |
| 11 |
|
| 12 |
I find the change offensive. It is my system and I want the tools I install |
| 13 |
to work. There is no excuse for someone thinking they can force me to su |
| 14 |
every time I want to run traceroute. Of course the fix is obvious - chmod |
| 15 |
4755 traceroute. |
| 16 |
|
| 17 |
Why isn't this a USE option? |
| 18 |
|
| 19 |
I do hope the new traceroute works when set suid unlike another "tool" in |
| 20 |
common use for looking at network traffic which refuses to run when set suid |
| 21 |
- I have not tried it yet. |
| 22 |
|
| 23 |
michael |
| 24 |
> |
| 25 |
> > As near as I can figure, if I install traceroute, I want to use it, not |
| 26 |
> > muck with permissions or su - everytime I care to do some network |
| 27 |
> > analyzation. |
| 28 |
> |
| 29 |
> This is going to sound inflammatory, but I truly don't mean it as such. |
| 30 |
> That said, this is the mentality that caused Microsoft so many problems |
| 31 |
> with their products over the year. They made a conscious decision that |
| 32 |
> usability concerns would (almost) always trump security concerns. That |
| 33 |
> led to lovely things like new shares having "Anyone/Full Control" |
| 34 |
> permissions by default. |
| 35 |
> |
| 36 |
> At least on my servers, the only people I want using tools like |
| 37 |
> traceroute/tracepath are those folks who are responsbible for |
| 38 |
> administering them. Those are the same people who have root access on the |
| 39 |
> server, so requiring them to type 'sudo' in front of the command isn't |
| 40 |
> overly burdensome, imo. |
| 41 |
> |
| 42 |
> --kurt |
| 43 |
> |
| 44 |
|
| 45 |
|
| 46 |
-- |
| 47 |
---- ---- ---- |
| 48 |
Michael Reilly michaelr@×××××.com |
| 49 |
Cisco Systems, Santa Cruz, CA |
| 50 |
|
| 51 |
-- |
| 52 |
gentoo-security@g.o mailing list |
Archives