On Thu, Mar 27, 2008 at 11:47 AM, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
Don't confuse permission to access the things the programs typically
affect with the finding the programs in your PATH. No one is suggesting
that the concept of root authentication should go away. Just that the
difference between doing "su' and "su -" be less confusing and that
typing ifconfig should show a user his ip address, not
bash: ifconfig: command not found
There are more subtle issues here as well. Sure some individual binaries are useful if you arent the administrator. How many binaries in /*/sbin/ are currently still setuid root? Do we need to continue to take some care with those binaries by giving local administrators a way to easily wall off those binaries in a directory that users can't get to by setting strict directory access permissions?
If we are going to clean things up and stop separating the path with an intent to give access to things to users, we need to take a harder look at this all the binaries, not just the few we know are useful for informational purposes.
-jef
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list