[PLUG] sudoers still not working
Jeme A Brelin
jeme at brelin.net
Sat Nov 29 13:50:02 UTC 2003
On Sat, 29 Nov 2003, Anthony Schlemmer wrote:
> Wouldn't you want /usr/local/bin before /usr/bin, etc?
I can see a school of thought (I'm not saying it exists) that would treat
/usr/local as the repository for custom versions of things that might
conflict with a shared /usr/bin or /bin, but I've never seen such a thing.
Usually, I've seen /usr/local used as a shared space for local executables
built by admin and non-admin staff for use in that environment. That
meant, in these cases, that /usr/local was WRITABLE BY NON-ADMINS (usually
the staff group). This opens you up to all kinds of trojans and
unintentional conflicts.
If /usr/local/bin precedes ANYTHING in your path, you should constantly
check to see if anything there has the same name as something from your
essential operating system packages (/sbin and /bin for sure, but probably
also /usr/sbin and /usr/bin).
Those are my bits.
J.
--
-----------------
Jeme A Brelin
jeme at brelin.net
-----------------
[cc] counter-copyright
http://www.openlaw.org
More information about the PLUG
mailing list