Recommendation for Adjusting Command Categorization in Manual Pages

public inbox for linux-man@vger.kernel.org
 help / color / mirror / Atom feed

* Recommendation for Adjusting Command Categorization in Manual Pages
@ 2024-01-10 11:12 孟敬姿
  2024-02-11 18:23 ` Alejandro Colomar
  0 siblings, 1 reply; 2+ messages in thread
From: 孟敬姿 @ 2024-01-10 11:12 UTC (permalink / raw)
  To: linux-man; +Cc: alx.manpages, mtk.manpages

Hi! I hope this message finds you well.

We have identified an issue in the categorization 
of certain commands in the man-pages and would like 
to bring it to your attention.

Upon testing on Debian 11, we observed discrepancies 
between the stated privilege requirements in the manual 
pages and the actual behavior of some commands. 

According to the introduction pages, commands in section 
8 require superuser privileges to run, but we found some 
commands that do not necessitate superuser privileges for 
execution:
lnstat, findfs, blkid, lsblk, lsmod, lspci, modinfo, 
isosize, lastlog, tzselect, zdump, getcap, getpcaps, 
mklost_found, tracepath.

These commands predominantly query system information and 
do not involve sensitive resources.
For example, lnstat print Linux network statistics, the 
statics comes from /proc/net/stat which could be read by 
anyone. Lastlog reports the most recent login users, the 
similar commands like last, printky and users are all in 
section 1. And it is clearly stated in tracepath(8) that 
the command does not require superuser privileges.

The introduction of section 1 claims that those commands 
to be user commands, but some commands require superuser 
privileges to run: 
dumpkeys, fgconsole, kbdindo, kbd_mode, showkey, 
deallocvt, tcpdump, chage, gpasswd, mesg, mkfifo.

These commands manipulate special resources like keyboards, 
virtual terminals and pipes. Notably, tcpdump exists in both 
Section 1 and Section 8, but it can only be used with privileges.

To enhance clarity and align with the intended privilege 
requirements, we recommend adjusting the categorization of these
commands. This adjustment will ensure that users referring to 
the manual pages can accurately configure command permissions 
without unnecessary use of privileges and contribute to a more 
intuitive and accurate manual page structure.

Best regards,
Jingzi

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: Recommendation for Adjusting Command Categorization in Manual Pages
  2024-01-10 11:12 Recommendation for Adjusting Command Categorization in Manual Pages 孟敬姿
@ 2024-02-11 18:23 ` Alejandro Colomar
  0 siblings, 0 replies; 2+ messages in thread
From: Alejandro Colomar @ 2024-02-11 18:23 UTC (permalink / raw)
  To: 孟敬姿; +Cc: linux-man, alx.manpages

[-- Attachment #1: Type: text/plain, Size: 2307 bytes --]

Hi Jingzi!

On Wed, Jan 10, 2024 at 07:12:49PM +0800, 孟敬姿 wrote:
> Hi! I hope this message finds you well.
> 
> We have identified an issue in the categorization 
> of certain commands in the man-pages and would like 
> to bring it to your attention.
> 
> Upon testing on Debian 11, we observed discrepancies 
> between the stated privilege requirements in the manual 
> pages and the actual behavior of some commands. 
> 
> According to the introduction pages, commands in section 
> 8 require superuser privileges to run, but we found some 
> commands that do not necessitate superuser privileges for 
> execution:
> lnstat, findfs, blkid, lsblk, lsmod, lspci, modinfo, 
> isosize, lastlog, tzselect, zdump, getcap, getpcaps, 
> mklost_found, tracepath.
> 
> These commands predominantly query system information and 
> do not involve sensitive resources.
> For example, lnstat print Linux network statistics, the 
> statics comes from /proc/net/stat which could be read by 
> anyone. Lastlog reports the most recent login users, the 
> similar commands like last, printky and users are all in 
> section 1. And it is clearly stated in tracepath(8) that 
> the command does not require superuser privileges.
> 
> The introduction of section 1 claims that those commands 
> to be user commands, but some commands require superuser 
> privileges to run: 
> dumpkeys, fgconsole, kbdindo, kbd_mode, showkey, 
> deallocvt, tcpdump, chage, gpasswd, mesg, mkfifo.
> 
> These commands manipulate special resources like keyboards, 
> virtual terminals and pipes. Notably, tcpdump exists in both 
> Section 1 and Section 8, but it can only be used with privileges.
> 
> To enhance clarity and align with the intended privilege 
> requirements, we recommend adjusting the categorization of these
> commands. This adjustment will ensure that users referring to 
> the manual pages can accurately configure command permissions 
> without unnecessary use of privileges and contribute to a more 
> intuitive and accurate manual page structure.
> 
> Best regards,
> Jingzi

Could you please suggest a specific patch to the manual pages?

Have a lovely day,
Alex

-- 
<https://www.alejandro-colomar.es/>
Looking for a remote C programming job at the moment.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2024-02-11 18:23 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-01-10 11:12 Recommendation for Adjusting Command Categorization in Manual Pages 孟敬姿
2024-02-11 18:23 ` Alejandro Colomar

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox