On Sunday 30 December 2007 08:10:39 am Peter Flynn wrote: > Tuomas Kulve wrote: > > hendrik at topoi.pooq.com wrote: > >> That's bizarre. What security implications are there in ping > >> that would mean it has to be run only by root? Forcing people > >> to use root when not necessary is itself a security problem. > > > > Ping seems to be setuid root on my debian. So it's run as root > > here too. > > That's because 'debianite' is an anagram of 'anal-retentive' > (well, it's not, but it ought to be :-) > > A Debian contributor once told me that all utilities which access > the network should be root-privileged because otherwise they would > allow ordinary users to know of (or detect) the existence of other > machines, which might be a security breach. > > ///Peter Peter don't believe everything they tell you. They tend to blow their fair share of sunshine *grin* But seriously. Even Debian has to run it setuid root. As in order to ping you have to modify the nic's run mode. James
