Gentoo Archives: gentoo-security

From: Kurt Lieber <klieber@g.o>
To: gentoo-security@g.o
Subject: Re: [gentoo-security] Changes to traceroute in newest release
Date: Tue, 16 Dec 2003 11:20:11
In Reply to: [gentoo-security] Changes to traceroute in newest release by David Olsen
1 On Tue, Dec 16, 2003 at 11:59:00AM -0500 or thereabouts, David Olsen wrote:
2 > Am I the only one that finds the newest changes to traceroute nothing but a
3 > large inconvenience?
5 Well, I can't speak for everyone else, but I certainly find the changes
6 welcome.
8 > As near as I can figure, if I install traceroute, I want to use it, not muck
9 > with permissions or su - everytime I care to do some network analyzation.
11 This is going to sound inflammatory, but I truly don't mean it as such.
12 That said, this is the mentality that caused Microsoft so many problems
13 with their products over the year. They made a conscious decision that
14 usability concerns would (almost) always trump security concerns. That
15 led to lovely things like new shares having "Anyone/Full Control"
16 permissions by default.
18 At least on my servers, the only people I want using tools like
19 traceroute/tracepath are those folks who are responsbible for administering
20 them. Those are the same people who have root access on the server, so
21 requiring them to type 'sudo' in front of the command isn't overly
22 burdensome, imo.
24 --kurt


Subject Author
Re: [gentoo-security] Changes to traceroute in newest release David Olsen <do@×××××××.com>
Re: [gentoo-security] Changes to traceroute in newest release Michael Reilly <michaelr@×××××.com>