source: basicnet/netutils/traceroute/traceroute-exp.xml@ f5048964

10.0 10.1 11.0 11.1 6.0 6.1 6.2 6.2.0 6.2.0-rc1 6.2.0-rc2 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 krejzi/svn lazarus nosym perl-modules qt5new systemd-11177 systemd-13485 trunk upgradedb v1_0 v5_0 v5_0-pre1 v5_1 v5_1-pre1 xry111/intltool xry111/test-20220226
Last change on this file since f5048964 was f5048964, checked in by Mark Hymers <markh@…>, 20 years ago

update traceroute instructions

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@66 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 1.3 KB
Line 
1<sect2>
2<title>Command explanations</title>
3
4<para><screen><userinput>sed 's/-o bin/-o root/' :</userinput></screen>
5Adjusts the Makefile so that the program is installed with user root instead
6of user bin (which doesn't exist on a default LFS system).</para>
7
8<para><userinput>make install: </userinput> Installs traceroute setuid root
9in the /usr/sbin directory. This makes it possible for all users to execute
10traceroute. For absolute security, turn off the setuid bit in traceroute's
11file permissions with the command
12<screen><userinput>chmod 0755 /usr/sbin/traceroute</userinput></screen></para>
13
14<para>The risk is that if a security problem such as a buffer overflow were
15ever found in the traceroute code, a regular user on your system could gain
16root access if the program is setuid root. Removing the setuid permission
17of course also makes it impossible for users other than root to utilize
18traceroute, so decide what's right for your individual situation.</para>
19
20<para>Now, to be completely FHS compliant, as is our aim, if you do leave the
21traceroute binary setuid root, then you should move traceroute to /usr/bin
22with the following command:
23<screen><userinput>mv /usr/sbin/traceroute /usr/bin</userinput></screen></para>
24
25<para>This ensures that the binary is in the path for non-root users.</para>
26
27</sect2>
28
Note: See TracBrowser for help on using the repository browser.