Peter Flynn wrote: > Tuomas Kulve wrote: >> hendrik at topoi.pooq.com wrote: >> >>> That's bizarre. What security implications are there in ping that would >>> mean it has to be run only by root? Forcing people to use root when not >>> necessary is itself a security problem. >> Ping seems to be setuid root on my debian. So it's run as root here too. > > That's because 'debianite' is an anagram of 'anal-retentive' > (well, it's not, but it ought to be :-) Here's some hints for why that might not be the reason for a debian ping's setuidness, plus why changing the itos in this regard could require jumping through some extra hoops: a-random-debian-machine$ cp /bin/ping not-setuid-ping a-random-debian-machine$ ./not-setuid-ping -c 1 maemo.org ping: icmp open socket: Operation not permitted Nokia-N800-50-2:~# ls -l /bin/ping lrwxrwxrwx 1 root root 7 Dec 11 17:41 /bin/ping -> busybox 't.
