Once upon a time, Seth Vidal <skvidal@xxxxxxxxxxxxxxxxx> said: > And do we seriously think we can keep the code away from a non-root user > by chmodd'ing the binaries? A user can get a binary for anything > fedora can install in about 30s w/firefox. The same really applies to RHEL, except it might take a few minutes. There's not much reason for any file that isn't intended to be modified (e.g. included in an RPM and not marked %config) to be "protected". I opened a bug (441495) about BIND permissions (in RHEL 5 specifically but Fedora as well) a while back, because the restricted permissions are even stupider there; it is possible to allow a non-root user to use rndc with permissions on the rndc config file, but RHEL/Fedora distribute rndc owned root:root perms 0750. -- Chris Adams <cmadams@xxxxxxxxxx> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
