Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Why is it that, if administrative binaries are supposed to live in /sbin, and not be accessible to normal users, why are they? Entering "/sbin/<command>" allows you to execute a program as a normal user.
I'd always assumed (dumb of me) that /sbin was not accessible.
Most of the programs under /sbin (and/or /usr/sbin) won't execute
potentially damaging parts of their abilities if invoked by some
other user than root, some won't do anything at all, so it's not
a big deal to have the directory(ies) accessible. No one ever
said they're not supposed to be accessible, btw.
A lot of these commands can supply useful information run as a normal user. ifconfig is one example. As a normal user you can't use them to make changes. The commands are in a read-only mode unless they are run as root. Then they can make changes to the system.
Some commands like fdisk and mkefs are less useful since you don't have access to the hard disk devices, but you could use them to make a filesystem on a regular file.
Some commands like fdisk and mkefs are less useful since you don't have access to the hard disk devices, but you could use them to make a filesystem on a regular file.
Thanks to both of you. Do the programs themselves have identity checks, or is it just that /etc is ro to normal users, so the programs can't make changes?
Almost all of the files in the system directories will have root as the owner and group owner. They won't be writable be "others". There are some such as /etc/sshd/sshd_config that can only be read by root. Some config files are are owned by a system user rather than root.
Some distro's use selinux protection with allow only a certain process to access the config file even though the normal permissions would allow it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
