On Thu, Feb 08, 2018 at 05:49:52PM -0500, Michael Orlitzky wrote: > On 02/08/2018 05:33 PM, Rich Freeman wrote: > > > > There are actually quite a few binaries in /sbin and /usr/sbin which > > can be useful for non-root users. Sure, we could go through there > > carefully and move stuff to /bin but honestly doing what everybody > > else does and just sticking /sbin in the default path makes more > > sense. > > Yeah hiding the bug is easier than fixing it, but has the downside that > the bug doesn't get fixed.
There is no bug here. The problem, as I said before in this thread, is that what goes in *sbin is arbitrary, and as Rich said, if you are relying on the path to prevent a non-root user from running something that only root should run, you are doing it wrong. All the user has to do is type a full path to a command and it will be run. William
signature.asc
Description: Digital signature
