On 2003-12-16 at 12:18:42, Kurt Lieber <klieber@g.o> wrote:
> This is going to sound inflammatory, but I truly don't mean it as such.
Opinions are just that. Mature people with mature opinons should accept as
such.

> At least on my servers, the only people I want using tools like
> traceroute/tracepath are those folks who are responsbible for administering
> them.  Those are the same people who have root access on the server, so
> requiring them to type 'sudo' in front of the command isn't overly
> burdensome, imo.
That means I have to either give my staff sudo access to use traceroute,
when I want them to be able to use it to diagnose network problems. And set
up in this same "security mindset", sudo will require a password upon
execution. 

A (imho) better solution would be to perhaps do a 4750 by default, and give
it to a specific group, say "staff" or the like, this way I can add my staff
to that particular group once, and not have to muck permissions everytime a
new release of traceroute comes out.

$.02 + $.02 makes $.04, I should get an old top hat to collect the change..

-d