On 02/08/2018 06:12 PM, William Hubbs wrote: > > There is no bug here. The problem, as I said before in this thread, is > that what goes in *sbin is arbitrary, and as Rich said, if you are > relying on the path to prevent a non-root user from running something > that only root should run, you are doing it wrong. All the user has to > do is type a full path to a command and it will be run.
The FHS says /usr/sbin is for "binaries used exclusively by the system administrator." It's not arbitrary, and the test for what doesn't belong there is obvious: if a regular user needs something in /usr/sbin, then we put it in the wrong place. Adding /usr/sbin to PATH will hide the fact that we put it in the wrong place, but it will still be in the wrong place.
