Date: Thu, 4 Jan 2001 14:32:31 +1000 From: "Doug Young" <dougy@bryden.apana.org.au> To: "Tim McMillen" <timcm@umich.edu>, <MaTrIxDPN@aol.com>, <freebsd-questions@FreeBSD.ORG> Subject: Re: Su[2] was:(no subject) Message-ID: <027901c07607$5e899f20$847e03cb@apana.org.au> References: <8c.ac9607.278548f5@aol.com> <024d01c07601$6de2d140$847e03cb@apana.org.au> <01010323163004.08422@tim.elnsng1.mi.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hey I'm no expert :) ...... I guess its to do with maximizing security though. The general idea is to control what applications users can run. Our policy here is to not have any users (even sysadmins) in wheel group. The only true root access is at the actual machine & users are given su access to only those functions necessary for them to do whatever they need. > > Do you know why not? Details, I need details. :) > > > at least add the users to another group & then add the group to > > wheel, > > Is that why when I added a user with adduser to wheel that I was > actually added to gid 0 and 0 is in wheel? What advantage does that > have? > > Tim > > >or preferably use something like > > sudo so you have more control over what users can do > > ----- Original Message ----- > > From: MaTrIxDPN@aol.com > > To: freebsd-questions@FreeBSD.ORG > > Sent: Thursday, January 04, 2001 1:33 PM > > Subject: Re: (no subject) > > > > > > It saids i cant su from this account, i cant remember what group it > > had to be, what group is it? > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?027901c07607$5e899f20$847e03cb>