In comp.unix.misc, Thomas 'PointedEars' Lahn <
usenet@PointedEars.de> wrote:
Eli the Bearded wrote:
^^^^^^^^^^^^^^^
Please post here using your real name.
That is my nom-de-net for better than two decades.
In comp.lang.python, Thomas 'PointedEars' Lahn <usenet@PointedEars.de> wrote:
Attribution _line_, not attribution novel.
Says the guy who just (a) took this topic to a different group as I
suggested and (b) feels it necessary to have two separate "face" headers
with images in excess of a 1000 bytes. I use that attribution line
*because* things get crossposted and to make it clear the the context
I'm replying from.
[this discussion is sparked by the request:
On 7/24/19 4:20 PM, Cameron Simpson wrote:
That is some progress, hooray. Then there's just sbin -> bin to go.
ACK. But what appears useful for a non-superuser can be viewed as compromising system security, or opening ways to make that easier,
by superusers/system administrators.
If it can "compromis[e] system security" it needs to check permissions
anyway. There is nothing stopping me using a non-privleged account from
trying to run anything in /sbin anyway.
Keep in mind that originally, and in fact still due to servers on the Internet, the majority of Unices have not been/are not only used by one person each which is both a non-superuser and a superuser of the computer system:
Hey, guess what? I've been a shell customer of Panix for over two
decades and Panix fits some 1500+ subscribers (these days) on four
(these days) multiuser shell boxes. "who|wc" gives me 43 users at the
moment on this box. I know all about Unix as a multiuser system.
Which is why the above is a Very Bad Idea[tm].
So why would it be a Very Bad Idea[tm] to have them in a common directory
like /bin/?
Because that a file should only or usually be executed by a superuser does not imply that the owner of that file must be a superuser, or that it has execute permission only for one superuser group or more, and vice-versa.
I don't see how that is relevant to my question.
Also, it is easier to keep files that usually should only be executed by
a superuser in a separate directory, so that they are not immediately available or listed to or for other users [e.g. in shell command resolution (along PATH), in a directory listing, or in tab completion].
Easier? It's a Very Bad Idea[tm] because people find it easier or may
get confused? Even a system with just busybox installed will have
commands that I have never run or expect to run on my own systems or the systems I get paid to tend (eg tftp). And fewer results for tab
completion is probably a lost cause. On my personal linux box, which I
don't consider to have a lot of stuff:
$ ls /usr/bin |wc
2410 2410 24453
$ ls /sbin |wc
188 188 1807
The panix NetBSD is much tighter:
$ ls /sbin |wc
148 148 1371
$ ls /usr/bin |wc
499 499 3425
Well, tighter if you don't count /usr/local/bin/ ...
$ ls /usr/local/bin |wc
6480 6480 82052
Which is the first directory on the standard system PATH.
ACK. X-Post & F’up2 comp.unix.misc.
It's not necessary to use high-bit characters in your text, either.
Elijah
------
does not find "smart" quotes to be an improvement in any way
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)