few ideas how to make fedora better as a desktop

seth vidal skvidal at fedoraproject.org
Wed Mar 26 12:55:38 UTC 2008


On Wed, 2008-03-26 at 08:42 -0400, Jesse Keating wrote:
> On Tue, 2008-03-25 at 12:02 -0600, Gian Paolo Mureddu wrote:
> > but being as /sbin paths are 
> > meant for administrative tasks, I actually do see having them as part of 
> > a regular user's PATH a potential security risk.
> 
> That's completely bogus.  A "hidden path" offers 0 security.  If you
> don't want your users running them, set the permissions on the binary,
> or better yet, have the binary check the EUID of the caller.  If
> non-root, display that the command is for root users, but also allow the
> user to get --help and other usage or informational output from the
> command.  Just don't allow non-root users to apply anything.  There
> really is no reason I can think of to hide this crap in a different
> directory.  It just adds needless complication and confusion.
> 

+1
-sv





More information about the Fedora-desktop-list mailing list