Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Calum <gentoo-security@...>
Subject: Re: Changes to traceroute in newest release
Date: Wed, 14 Jan 2004 12:44:56 +0000
On Thursday 18 December 2003 2:36 pm, Kevin van Haaren wrote:
>
> Since I only have 2 machines to worry about, I'll just:
> chgrp wheel /usr/sbin/traceroute
> chmod 4750 /usr/sbin/traceroute

Sorry for the slight delay in this message, but I've been on holiday for a 
while.

I suggest that the use of groups would better serve this purpose.
E.g. a nettools group, with traceroute, ping, etc chgrp'd and chmod'd 4750.
Using an existing group such as wheel would mean that you would be allowing 
them to use /bin/su as well.

A shadow group, with /etc/shadow as 640, so that applications don't need to be 
be setuid to root to read them - setgid shadow would be enough 
(/usr/kde/3.1/bin/kcheckpass for example)

What Gentoo excels in is having very good defaults. I personally hate having 
to make the same change on every machine I install, and in this respect 
Gentoo is pretty good.

Anyway, back to reading the rest of the thread... :)

PS. Is this list archived anywhere? I couldn't find it on Google.


-- 

The early bird may get the worm, but the second mouse gets the cheese.

jabber: jcalum@...
pgp: http://gk.umtstrial.co.uk/~calum/keys.php


--
gentoo-security@g.o mailing list

Replies:
Re: Changes to traceroute in newest release
-- David Olsen
Re: Changes to traceroute in newest release
-- Mike Frysinger
References:
Changes to traceroute in newest release
-- David Olsen
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Changes to traceroute in newest release
Next by thread:
Re: Changes to traceroute in newest release
Previous by date:
Re: firewall suggestions?
Next by date:
SELinux and user-crontab


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.