Eli the Bearded wrote:
^^^^^^^^^^^^^^^
Please post here using your real name.
> In comp.lang.python, Thomas 'PointedEars' Lahn <use...@PointedEars.de>
> wrote:
Attribution _line_, not attribution novel.
>> Michael Torrie wrote:
>>> On 7/24/19 4:20 PM, Cameron Simpson wrote:
>>>> That is some progress, hooray. Then there's just sbin -> bin to go.
>>> I suppose in the olden days sbin was for static binaries, […]
>> No, “sbin” is short for “*system* binaries” which in general only the
>> superuser should be able to execute.
>
> I think Michael is confusing "sbin" with the statically linked utilities
> some systems (particularly older ones, but also FreeBSD in /rescue/)
> have for repairing the system when things start to go bad. You'd want
> a shell (sh is great), a basic editor (eg, eg), and a smattering of
> other tools, akin to the ones listed as "must be in /sbin" in your
> linuxfoundation link.
ACK.
> But more than a few utilities in /sbin are useful for non-superusers.
> Eg ip or ifconfig for informational purposes like identifying current
> IP address and getting MAC.
ACK. But what appears useful for a non-superuser can be viewed as
compromising system security, or opening ways to make that easier,
by superusers/system administrators.
Keep in mind that originally, and in fact still due to servers on the
Internet, the majority of Unices have not been/are not only used by one
person each which is both a non-superuser and a superuser of the computer
system:
<
https://en.wikipedia.org/wiki/Usage_share_of_operating_systems>
>> Which is why the above is a Very Bad Idea[tm].
>
> Why? Programs that can *only* be usefully run by a privileged user
> or in a system context (eg halt or getty) already *must* prevent non
> privileged use. So why would it be a Very Bad Idea[tm] to have them in
> a common directory like /bin/?
Because that a file should only or usually be executed by a superuser does
not imply that the owner of that file must be a superuser, or that it has
execute permission only for one superuser group or more, and vice-versa.
Also, it is easier to keep files that usually should only be executed by
a superuser in a separate directory, so that they are not immediately
available or listed to or for other users [e.g. in shell command resolution
(along PATH), in a directory listing, or in tab completion].
> (Feel free to crosspost and set follow-ups to another group if you like.
> But I would suggest *not* a Linux group, since this is something general
> to all Unix-likes.)
ACK. X-Post & F’up2 comp.unix.misc.
--
PointedEars
Twitter: @PointedEars2
Please do not cc me. /Bitte keine Kopien per E-Mail.