This is a good premise, however, a bug must be submitted and reviewed to make the *official* determination. Please submit a bug.
George (gk4) Ken Burrell wrote: > > Matt, > > OK, test error. > > Then, who is going to fix it at LSB? > > Ken > > Matt Wilson wrote: > > > > On Tue, May 14, 2002 at 04:13:04PM -0700, Ken Burrell wrote: > > > Matt, > > > > > > Are you aware that practically every security alert for Linux recommends > > > that the suid bit be turned off in ping because of security exploits? > > > > This may have been the case several years ago, but most Linux ping > > implementations have been rewritten with security in mind. This > > includes dropping root privileges after acquiring the raw socket. > > > > > The LSB test simply says its wrong to have suid turned off; but that is > > > clearly an option of any sensible system administrator. > > > > No, that's not what the LSB requires. The requirement is "The > > implementation provides an exec-able version of the ping utility in > > the /bin directory." The test is wrong because it tries to run: > > > > /bin/ping -c 2 localhost > > > > A sufficient test would be > > > > [ -x /bin/ping ] > > > > > For a non-networked, home user, it wont matter; but the LSB has to take > > > into account the many different security requirements of a Linux > > > installation. > > > > > > Dont you think its a bit ridiculous to specify in the LSB that you > > > *must* have the suid bit turned on? > > > > Again, test error. > > > > Cheers, > > > > Matt > > -- > Ken Burrell High Performance Computing > Project Manager, R&D MSC.Software Corporation > voice: (714)445-5612 2 MacArthur Place > fax: (714)784-4116 Santa Ana, CA 92707 > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with subject of "unsubscribe". Trouble? Email [EMAIL PROTECTED] -- George Kraft IV [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with subject of "unsubscribe". Trouble? Email [EMAIL PROTECTED]
