[893] in linux-security and linux-alert archive
Re: [linux-security] dip
daemon@ATHENA.MIT.EDU (John Betts)
Wed Jul 10 18:35:02 1996
From: John Betts <johnb@aztec.co.za>
To: jordy@thirdwave.net (Jordy)
Date: Wed, 10 Jul 1996 19:20:34 +0200 (SAT)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.BSI.3.91.960709234912.21750A-100000-100000@aloha.com> from "Jordy" at Jul 9, 96 11:53:35 pm
Reply-to: johnb@aztec.co.za
% actually, dip does need to be setuid because it modifies the routing tables.
%
forgive me if I am missing something here....
but, why would you want non-root users to make network connections and
make changes to routing tables?
Simple solution is to chmod -s dip, and only run it as root.
Do you _really_ want any 'ol luser on your system to dial out
and do funny things with your modem?
I think there should be a comms group, at least, in which only
users in that group may use _any_ communications device...
I dont like the fact that by default any 'ol luser can use my modem...
what about you folk? Should this defacto standard be changed?
ciao
--
John
--
John Betts, Aztec Internet Services Port Elizabeth, South Africa
johnb@aztec.co.za, Tel. +27(0)41 303 475, Fax. +27(0)41 301 052
The world is complex. The Sendmail configuration reflects this.