On Sat, May 25, 2002 at 12:32:02AM -0700, Karsten M. Self wrote:
> on Wed, May 22, 2002, Petro ([EMAIL PROTECTED]) wrote:
> > On Wed, May 22, 2002 at 03:16:57AM -0700, Karsten M. Self wrote:
> > > on Tue, May 21, 2002, Petro ([EMAIL PROTECTED]) wrote:
> > > > Is this the first time someone has brought this up?
> > > Puhleaze:
> > There's a bunch of people here acting like they've never heard of
> > the idea, and the only somewhat reasonable excuse I've heard for not
> > doing it is "It's a lot of work", which lead me to believe it hadn't
> > been discussed here.
> http://www.google.com/search?q=debian+statically+linked+root+shell
> > So it has been brought up before, over 2 years ago, and it's still
> > wrong?
> The point was that the answer to your question ("Is this the first...")
> is readily available from the usual place. Your assignment is to read
> the earlier posts and either:
There are over 100 links, many of them redundant, with the link you
provided.
The vast majority of them are redundant, or do have no mention of
*why* such a bad decision was made.
The one that does--which does happen to be the first on the list,
shows a lot of navel gazing, short sightedness, and a general
lack of will to actually listen to people who have an idea about how
reliable, robust systems can be designed that doesn't involve fancy
new widgets.
> - Formulate a previously unaddressed reason root should have a
> statically linked shell, rather than pollute the list with largely
> irrelevent dialog.
There is no reason to "formulate a previously unaddressed reason",
when the previous reasons are perfectly adequate, and have not been
properly addressed.
As to your "pollute the list" comment, quite frankly it is something
I, and by *the first link* on that Google query you posted, several
other working Sysadmins, think is a very vaild question.
My first post on this was as to *why* such a basic thing isn't being
done. After all, where does /sbin get it's name? Well, /bin is
binaries. /sbin is *static* binaries. Of which there are...one.
All I asked was why.
The answers I recieved tended to indicate a lack of previous
investigation into the subject, which caused my query as to whether
this had been discussed previously.
> - Understand why the current alternative(s) are sufficient.
They aren't. They are close, and can be made proper with a little
work. Which describes about 80% of linux (which is better than a lot
of OSs, even other Unixes.).
> - Summarize findings to list and quietly exit the topic.
Summary: Sash should be installed by default in /sbin/sash and as
default should be the root users shell. It adds about 610k to a
default install and has little or no downside in a properly set up
environment.
Yes, there should be a way *not* to install it, for those who are
experienced and understand fully the ramifications of this decision.
--
My last cigarette was roughly 36 days, 12 hours, 4 minutes ago.
YHBW
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
