A few thoughts..
Mike Meyer
mwm at mired.org
Tue Mar 29 19:57:35 PST 2005
In <61910.81.84.174.37.1112123946.squirrel at mail.revolutionsp.com>, H. S. <security at revolutionsp.com> typed:
> My "USERNAME" account doesn't have access to /sbin/dmesg, but I uploaded a
> /sbin/dmesg from a 5.2.1-RELEASE to a 5.3-STABLE box, and then I could
> have access to this system information. The same goes for systat , vmstat,
> and all these commands that (most people think) shouldn't be available for
> regular users.
I wouldn't say "most people think" those things shouldn't be available
for regular users, because that's the first time in 25 years of
managing Unix systems that I've run into that sentiment.
What I'm really curious about is what makes you think FreeBSD itself
tries to enforce your opinion. I'm running 5.3-STABLE built from fresh
install of 5.3-RELEASE, haven't done anything to any of those
binaries, and they are all world/group executable on my system. That
means that there's no way to prevent any user from running them. dmesg
isn't in the normal $PATH, but that's not an indication that users
shouldn't be able to run it, merely that they aren't expected to need
it.
<mike
--
Mike Meyer <mwm at mired.org> http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.
More information about the freebsd-hackers
mailing list