Bug 384661
Summary: | tools in */sbin not in path for non-root users | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Bas Mevissen <abuse> | ||||
Component: | setup | Assignee: | Phil Knirsch <pknirsch> | ||||
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | low | Docs Contact: | |||||
Priority: | low | ||||||
Version: | 8 | CC: | johnh, rvokal, skissane | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2008-03-28 17:01:13 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Bas Mevissen
2007-11-15 14:31:13 UTC
Created attachment 259831 [details]
Patch to add "sbin" paths behind $PATH for non-root users
If you ask me, that's not a bug, it's desired behaviour. If a non-root user wants to use sbin commands they can freely type /sbin/ifconfig. /sbin contains tools that are generally only of use the system administrators. Long may this continue. I strongly support this Enhancement Request. There are frequently reasons for non-root users to want to run tools in /sbin and /usr/sbin. I can't see any strong reason to exclude those directories from the PATH -- there is no security issue here. There is however a significant usability issue -- it confuses users who come from other Linux distributions where /sbin and /usr/sbin are in the PATH for all users. It also makes using sudo, etc., friendlier. This has been discussed numerous times on Fedora and other mailinglists, and there are 2 camps with one preferring it to be included while the other says it's a security risk. As i'm more inclined to agree with the 2nd group i'm afraid i unfortunately have to turn down your request here. Read ya, Phil Can't it be included as an easy configurable option? That would be a reasonable trade-off between security concerns (???) and functionality. It is easily configurable already, a single line change in the profile scripts. I'd still argue that this has nothing to do with security, and everything to do with usability. It's better to default to sbin not being in a typical user's path. If the admin knows better, then the admin can change the profile. If the admin doesn't know how to, then the admin doesn't know better. If it's a single user who knows better, then the single user can change their profile. If they don't know how to, they don't know better. jh |