Once upon a time, Jeff Spaleta <jspaleta(a)gmail.com> said:
There are more subtle issues here as well. Sure some individual
binaries
are useful if you arent the administrator. How many binaries in /*/sbin/ are
currently still setuid root? Do we need to continue to take some care with
those binaries by giving local administrators a way to easily wall off those
binaries in a directory that users can't get to by setting strict directory
access permissions?
bin vs. sbin is not at all a security measure, since users can already
run things in sbin just by using the full path (or adding the sbin dirs
to their PATH).
My F8 system has 12 setuid and/or setgid binaries between /sbin and
/usr/sbin.
--
Chris Adams <cmadams(a)hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.