In comp.unix.misc, Thomas 'PointedEars' Lahn <usenet@PointedEars.de> wrote:

Eli the Bearded wrote:
^^^^^^^^^^^^^^^
Please post here using your real name.

That is my nom-de-net for better than two decades.

In comp.lang.python, Thomas 'PointedEars' Lahn <usenet@PointedEars.de> wrote:

Attribution _line_, not attribution novel.

Says the guy who just (a) took this topic to a different group as I
suggested and (b) feels it necessary to have two separate "face" headers
with images in excess of a 1000 bytes. I use that attribution line
*because* things get crossposted and to make it clear the the context
I'm replying from.

[this discussion is sparked by the request:

On 7/24/19 4:20 PM, Cameron Simpson wrote:

That is some progress, hooray. Then there's just sbin -> bin to go.

ACK. But what appears useful for a non-superuser can be viewed as compromising system security, or opening ways to make that easier,
by superusers/system administrators.

If it can "compromis[e] system security" it needs to check permissions
anyway. There is nothing stopping me using a non-privleged account from
trying to run anything in /sbin anyway.

Keep in mind that originally, and in fact still due to servers on the Internet, the majority of Unices have not been/are not only used by one person each which is both a non-superuser and a superuser of the computer system:

Hey, guess what? I've been a shell customer of Panix for over two
decades and Panix fits some 1500+ subscribers (these days) on four
(these days) multiuser shell boxes. "who|wc" gives me 43 users at the
moment on this box. I know all about Unix as a multiuser system.

Which is why the above is a Very Bad Idea[tm].

So why would it be a Very Bad Idea[tm] to have them in a common directory
like /bin/?

Because that a file should only or usually be executed by a superuser does not imply that the owner of that file must be a superuser, or that it has execute permission only for one superuser group or more, and vice-versa.

I don't see how that is relevant to my question.

Also, it is easier to keep files that usually should only be executed by
a superuser in a separate directory, so that they are not immediately available or listed to or for other users [e.g. in shell command resolution (along PATH), in a directory listing, or in tab completion].

Easier? It's a Very Bad Idea[tm] because people find it easier or may
get confused? Even a system with just busybox installed will have
commands that I have never run or expect to run on my own systems or the systems I get paid to tend (eg tftp). And fewer results for tab
completion is probably a lost cause. On my personal linux box, which I
don't consider to have a lot of stuff:

$ ls /usr/bin |wc
2410 2410 24453
$ ls /sbin |wc
188 188 1807

The panix NetBSD is much tighter:

$ ls /sbin |wc
148 148 1371
$ ls /usr/bin |wc
499 499 3425

Well, tighter if you don't count /usr/local/bin/ ...

$ ls /usr/local/bin |wc
6480 6480 82052

Which is the first directory on the standard system PATH.

ACK. X-Post & F’up2 comp.unix.misc.

It's not necessary to use high-bit characters in your text, either.

Elijah
------
does not find "smart" quotes to be an improvement in any way

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)