I'm using an up to date gentoo system, and it seems that my /sbin is chmodded in such a way by default as to allow useres to run programs by entering the absolute path. For example, my ifconfig can be accessed by users typing in /sbin/ifconfig. Hopefully Gentoo's /sbin security isn't relying on a lack of path. . . I think that by default the permissions should be set in a more secure manner. Reproducible: Always Steps to Reproduce: 1. Type /sbin/ifconfig at the prompt 2. Play around with programs in the sbin to cause changes that shouldn't be caused as a normal user. . . Actual Results: ifconfig and whatever else are accessible Expected Results: Permission denied.
the behavior you're seeing is correct