From owner-freebsd-questions@FreeBSD.ORG Wed Aug 13 06:42:54 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC22E37B401 for ; Wed, 13 Aug 2003 06:42:54 -0700 (PDT) Received: from asarian-host.net (mail.asarian-host.net [194.109.160.70]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4F00043FA3 for ; Wed, 13 Aug 2003 06:42:53 -0700 (PDT) (envelope-from admin@asarian-host.net) Comments: To protect the identity of the sender, certain header fields are either not shown, or masked. Anonymous email addresses for asarians can be requested by filling in the appropriate form at: https://asarian-host.net/cgi-bin/signup.cgi Received: (from root@localhost) by mail.asarian-host.net (8.12.9/8.12.9) id h7DDgkxK005527 for freebsd-questions@freebsd.org; Wed, 13 Aug 2003 15:42:46 +0200 (CEST) (envelope-from admin@asarian-host.net) From: Mark Message-Id: <200308131342.H7DDGEWG005511@asarian-host.net> Date: Wed, 13 Aug 2003 13:42:46 GMT X-Authenticated-Sender: admin@asarian-host.net X-Trace: bu9Kbgrlc1ix7TmFItNv1eiTea/o3o69j/u3xQ7CrGuyDC2EStwEZ21ZSUYQBuvpdWGO6aMclj7XDiajI7TuhA== X-Complaints-To: abuse@asarian-host.net X-Abuse-Info: Please be sure to forward a copy of ALL headers X-Abuse-Info: Otherwise we are unable to process your complaint Organization: Asarian-host To: "Andy Farkas" , "Markie" References: <20030813231812.O90272-100000@hewey.af.speednet.com.au> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Auth: Asarian-host PGP signature iQEVAwUAPzpAVjFqW1BleBN9AQEWAQf/eK5XrfbnPpcChWVoNtNFAcSZ97v9cMQx t2lEJvcJW/1cpRGljmtutl4+kbBtYwpBQW8q6JZ8eNPIP/9ID+WntO9jJglCyOA0 B1T+1TyZnN8tIQzEbZ36QPOGFlFzTleXNozD40zy8C6PkTQWt9vD8u58ZkHQ//64 gqa9DsD4YYCKUBOVWkcLPMoATuW5xcHryrtPtrxEAh48fJ2YYNEppXsMTjdyguwH GKxU+nK4QM2GFncz+WHSMyRK7tENIIsImOhe8sidtuG6M+5VHsrrJYZ9Mn69cyS9 DGHfBiW0pck4RVl7U6Tvxe9DvFnLf7dqN+kpUIxZs+wW3/VLnSMfUQ== =igGz cc: Ruben de Groot cc: freebsd-questions@freebsd.org Subject: Re: Restricting ICMP X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2003 13:42:55 -0000 ----- Original Message ----- From: "Andy Farkas" To: "Markie" Cc: "Mark" ; "Ruben de Groot" ; Sent: Wednesday, August 13, 2003 3:20 PM Subject: Re: Restricting ICMP > > Is it? I thought it was setuid root for a reason :o) > .... > > I just woke up, so it may well be I am just being stupid :o) > > Well, I didn't know ping needed suid. I stand corrected and > apologise for any misleadings. > > /me is the stupid one... time to go to bed :) If it makes you feel any better, I feel rather stupid too. :) Here I was, thinking: "Hmm, chmod g+s, as means of allowing only folks in wheel access, is not going to work;" whereas the glaringly obvious solution: to remove execution-bits from "o" using chmod 4550, for some bizarre reason, escaped me. :) /me, feeling stupid too. - Mark