Hi Jingzi! On Wed, Jan 10, 2024 at 07:12:49PM +0800, 孟敬姿 wrote: > Hi! I hope this message finds you well. > > We have identified an issue in the categorization > of certain commands in the man-pages and would like > to bring it to your attention. > > Upon testing on Debian 11, we observed discrepancies > between the stated privilege requirements in the manual > pages and the actual behavior of some commands. > > According to the introduction pages, commands in section > 8 require superuser privileges to run, but we found some > commands that do not necessitate superuser privileges for > execution: > lnstat, findfs, blkid, lsblk, lsmod, lspci, modinfo, > isosize, lastlog, tzselect, zdump, getcap, getpcaps, > mklost_found, tracepath. > > These commands predominantly query system information and > do not involve sensitive resources. > For example, lnstat print Linux network statistics, the > statics comes from /proc/net/stat which could be read by > anyone. Lastlog reports the most recent login users, the > similar commands like last, printky and users are all in > section 1. And it is clearly stated in tracepath(8) that > the command does not require superuser privileges. > > The introduction of section 1 claims that those commands > to be user commands, but some commands require superuser > privileges to run: > dumpkeys, fgconsole, kbdindo, kbd_mode, showkey, > deallocvt, tcpdump, chage, gpasswd, mesg, mkfifo. > > These commands manipulate special resources like keyboards, > virtual terminals and pipes. Notably, tcpdump exists in both > Section 1 and Section 8, but it can only be used with privileges. > > To enhance clarity and align with the intended privilege > requirements, we recommend adjusting the categorization of these > commands. This adjustment will ensure that users referring to > the manual pages can accurately configure command permissions > without unnecessary use of privileges and contribute to a more > intuitive and accurate manual page structure. > > Best regards, > Jingzi Could you please suggest a specific patch to the manual pages? Have a lovely day, Alex -- <https://www.alejandro-colomar.es/> Looking for a remote C programming job at the moment.
Attachment:
signature.asc
Description: PGP signature
