[maemo-users] Missing OS2008 cmdline apps (was Re: how to install OS2007?)

From: hendrik at topoi.pooq.com hendrik at topoi.pooq.com
Date: Sun Dec 30 19:42:30 EET 2007
On Sun, Dec 30, 2007 at 05:03:42PM +0200, Tuomas Kulve wrote:
> hendrik at topoi.pooq.com wrote:
> > That's bizarre.  What security implications are there in ping that would 
> > mean it has to be run only by root?  Forcing people to use root when not 
> > necessary is itself a security problem.
> Ping seems to be setuid root on my debian. So it's run as root here too.

There's a big difference between setuid root ahd having to be root.
I presume ping can handle its own security issues and ping properly and 
unobjectionably.  But if I have to become root before executing ping, 
there's a whole load of trouble I can get into by forgetting the stop 
being root after I've run ping.  Not to mention that I might be a 
know-little user who can't be trusted with full root access.  Who might 
know just enough to get into serious trouble but not enough not to.

-- hendrik

More information about the maemo-users mailing list