Matt, OK, test error.
Then, who is going to fix it at LSB? Ken Matt Wilson wrote: > > On Tue, May 14, 2002 at 04:13:04PM -0700, Ken Burrell wrote: > > Matt, > > > > Are you aware that practically every security alert for Linux recommends > > that the suid bit be turned off in ping because of security exploits? > > This may have been the case several years ago, but most Linux ping > implementations have been rewritten with security in mind. This > includes dropping root privileges after acquiring the raw socket. > > > The LSB test simply says its wrong to have suid turned off; but that is > > clearly an option of any sensible system administrator. > > No, that's not what the LSB requires. The requirement is "The > implementation provides an exec-able version of the ping utility in > the /bin directory." The test is wrong because it tries to run: > > /bin/ping -c 2 localhost > > A sufficient test would be > > [ -x /bin/ping ] > > > For a non-networked, home user, it wont matter; but the LSB has to take > > into account the many different security requirements of a Linux > > installation. > > > > Dont you think its a bit ridiculous to specify in the LSB that you > > *must* have the suid bit turned on? > > Again, test error. > > Cheers, > > Matt -- Ken Burrell High Performance Computing Project Manager, R&D MSC.Software Corporation voice: (714)445-5612 2 MacArthur Place fax: (714)784-4116 Santa Ana, CA 92707 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with subject of "unsubscribe". Trouble? Email [EMAIL PROTECTED]
