From owner-freebsd-hackers  Mon Mar 25 16:50:09 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id QAA22614
          for hackers-outgoing; Mon, 25 Mar 1996 16:50:09 -0800 (PST)
Received: from cabal.io.org (cabal.io.org [198.133.36.103])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id QAA22577
          for <freebsd-hackers@freebsd.org>; Mon, 25 Mar 1996 16:49:55 -0800 (PST)
Received: (from taob@localhost) by cabal.io.org (8.7.4/8.7.4) id TAA14782; Mon, 25 Mar 1996 19:47:34 -0500 (EST)
Date: Mon, 25 Mar 1996 19:47:33 -0500 (EST)
From: Brian Tao <taob@io.org>
To: FREEBSD-HACKERS-L <freebsd-hackers@freebsd.org>
Subject: Restricting ping -s and -l
Message-ID: <Pine.BSF.3.91.960325194516.13507Q-100000@cabal.io.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

    Are there any good reasons why a non-root user should need the -s
and -l options in ping?  I've had problems in the past with users
starting up a dozen "ping -s 8000"'s to a foreign site, saturating our
own T1 to the net.  Who needs ping -f when you can control the packet
size.  :(

    I can't really think of any legitimate reason for allowing -s and
-l to unprivileged user, but before I modify the source, I figured I'd
ask around first.  :)
--
Brian Tao (BT300, taob@io.org)
System and Network Administrator, Internex Online Inc.
"Though this be madness, yet there is method in't"