Vladimir A. Pavlov wrote: > On Monday 28 August 2006 03:24, Robert Connolly wrote: >> sed 's/4775/4755/' -i ping/Makefile.in > > First, I think the shown way is a hack a little. It's better to do the > following after installation: > > chmod 4711 /bin/ping > > Second, shouldn't it be 4711 rather than 4755? The read-by-others access > to a SUID file is a security hole.
I even would go one step further, a normal user is not able to troubleshoot network problems so why should he pe able to ping? chmod 0711 /bin/ping [EMAIL PROTECTED]:~$ ping www.goole.de ping: ping must run as root can't init ping: Operation not permitted Every SUID program is potentially dangerous. However, I don't want to start a flamewar about this... Thorsten -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
