On Wed, 2008-03-26 at 08:18 -0500, inode0 wrote: > 2008/3/26 Jesse Keating <jkeating@xxxxxxxxxx>: > > On Tue, 2008-03-25 at 12:02 -0600, Gian Paolo Mureddu wrote: > > > but being as /sbin paths are > > > meant for administrative tasks, I actually do see having them as part of > > > a regular user's PATH a potential security risk. > > > > That's completely bogus. A "hidden path" offers 0 security. If you > > don't want your users running them, set the permissions on the binary, > > or better yet, have the binary check the EUID of the caller. If > > non-root, display that the command is for root users, but also allow the > > user to get --help and other usage or informational output from the > > command. Just don't allow non-root users to apply anything. There > > really is no reason I can think of to hide this crap in a different > > directory. It just adds needless complication and confusion. > > Is Fedora committed to the FHS? Or is Red Hat still committed to it? > > The purpose was for root only programs of a certain class to be > located in /sbin for example but including non-root programs there > does muddy the experience for the end user. However I do think it is > cleaner to make those programs available to a user by means other than > adding /sbin to the default path of a normal user. A few links are > cheap. Would links for those in /usr/bin clash with the FHS? 1. The FHS makes no rules about the default PATH setting for users/root 2. The FHS has no problems with symlinks for the files it requires in /sbin and /usr/sbin So changing the defaults away from a 'hidden' /sbin and /usr/sbin would not violate the FHS. -sv -- Fedora-desktop-list mailing list Fedora-desktop-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-desktop-list
