Date: Wed, 3 Nov 1999 09:06:55 +0000 (GMT) From: Spidey <beaupran@jsp.umontreal.ca> To: cjclark@home.com Cc: peter.jeremy@alcatel.com.au, freebsd-security@FreeBSD.ORG Subject: Re: Examining FBSD set[ug]ids and their use Message-ID: <14367.64303.156671.655102@anarcat.dyndns.org> References: <14365.48408.87230.710344@anarcat.dyndns.org> <199911020449.XAA03496@cc942873-a.ewndsr1.nj.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
After some comments I received, I finally agree with your position... :/ I guess I do not know ping that well :) I'll repeat the argument someone gave me and that I found convincing enough: " In terms of network load, normal pings are relatively minor (and flood pings are only available to ruid==0) - if someone wants to upset a network, they can easily flood it with TCP or UDP packets. " <Thanks peter.. :)> Good bye! --- Big Brother told Crist J. Clark to write, at 23:49 of November 1: > Spidey wrote, > > > ># Allow users to bind on a socket (which? where?) > > > > ping mode=4555 > > > Needed to allow ordinary mortals to sent raw IP (ICMP) packets. > > > > I don't think this should be enable by default... on a shell box, this > > could cause some pretty dense headaches... > > You don't think mortal users should be able to ping? IMHO, ping is a > _very_ basic utility that generally should be turned on. I don't want > to have to 'su' to root everytime I want to ping a host to see if it > is awake. Same goes for traceroute(8). > > If you want to turn off the setuid (in which case you might as well > chmod to 700 as well), you can, but I really don't see it as the > default setup. > -- > Crist J. Clark cjclark@home.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Si l'image donne l'illusion de savoir C'est que l'adage pretend que pour croire, L'important ne serait que de voir Lofofora To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14367.64303.156671.655102>