/sbin:/usr/sbin in mortal's PATH

[Terje Bless]

[ BTW, your MUA seems to drop the Content-Type field. ]

Horst von Brand <vonbrand at inf.utfsm.cl> wrote:

>Terje Bless <link at pobox.com> wrote:
>>`ifconfig` is _also_ for system administrators. Regular users — my
>>Oracle DBAs, say —
>
>Those aren't "regular users" by a /very/ long shot in my book.

Fine. My web hosting clients with SSH access then.

But if you allow your DBAs root access I feel for you, I really do. :-)


>They are in /bin and /usr/bin. What is in /sbin or /usr/sbin is /not/ for
>regular user consumption. If they need it, they aren't regular users.

Then we differ in opinion on this point. My opinion is that these commands are
also suitable for regular users with the exception of those that have EUID=0
checks or permissions settings that explicitly prevent non-root users from
executing them (probably because their operation is potentially destructive).

If these are the semantics you wish to attach to "sbin" then many of the
commands currently there should be moved _away_ and into the regular user's
path.


>It has nothing whatsoever to do with security, and everything with not
>confusing random users with commands they can't use sensibly.

Again, by this reasoning, things like ifconfig should then be moved out of the
sbin directories and into the user path as "random users" _can_ use these
"sensibly".

But such a distinction seems highly artificial to me. I concur with Paul Wouters
and Ron Watson elsewhere in this thread; "protecting users from confusion" is a
rationalization at best, the distinction — if any is warranted — must be along
lines like statically/dynamically linked or available before network is up (cf.
/usr) etc.


-- 
 “Look Mike, I like you.  I like the way you handle yourself.  You seem like
  a reasonable man. Why don't we make a deal. What's it worth to you to drag
  your  considerable  talents  back  to  the  gutter  you  crawled  out  of?”
  “Carl Evello”, Kiss Me Deadly (1955); <http://imdb.com/title/tt0048261>