few ideas how to make fedora better as a desktop
Jesse Keating
jkeating at redhat.com
Wed Mar 26 12:42:13 UTC 2008
On Tue, 2008-03-25 at 12:02 -0600, Gian Paolo Mureddu wrote:
> but being as /sbin paths are
> meant for administrative tasks, I actually do see having them as part of
> a regular user's PATH a potential security risk.
That's completely bogus. A "hidden path" offers 0 security. If you
don't want your users running them, set the permissions on the binary,
or better yet, have the binary check the EUID of the caller. If
non-root, display that the command is for root users, but also allow the
user to get --help and other usage or informational output from the
command. Just don't allow non-root users to apply anything. There
really is no reason I can think of to hide this crap in a different
directory. It just adds needless complication and confusion.
--
Jesse Keating
Fedora -- All my bits are free, are yours?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-desktop-list/attachments/20080326/1b3c6c2c/attachment.sig>
More information about the Fedora-desktop-list
mailing list