Date: Tue, 28 Nov 1995 20:47:56 -0600 (CST) From: Joe Greco <jgreco@brasil.moneng.mei.com> To: jkh@time.cdrom.com (Jordan K. Hubbard) Cc: terry@lambert.org, joerg_wunsch@uriah.heep.sax.de, freebsd-current@FreeBSD.ORG Subject: Re: schg flag on make world in -CURRENT Message-ID: <199511290247.UAA13600@brasil.moneng.mei.com> In-Reply-To: <2748.817605372@time.cdrom.com> from "Jordan K. Hubbard" at Nov 28, 95 04:36:12 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> Yeah, and you don't need a note from your mother either. I would > therefore like to join Terry in demanding that su be disabled until > the requisite scanner support (with authentication) be added directly > into the kernel. > > > > > 1) Your user name must be in group "wheel" (in the file /etc/group > ). > > > > > > > > 2) Your pty must be marked "secure". > > > > > > Sheesh. You don't need a "secure" pty in order to su(8) on it! > > > > No? > > > > You should. OK. "su" is broken. Very funny Jordan. Terry, I don't think su is broken. Think about su in an environment where you: (1) are in an xterm (2) telnetted in via encrypted telnet (3) etc. Wheel users should be intelligent enough to decide on their own if their channel is sufficiently secure. Forcing people to mark their pty's as "secure" would be making the system less secure. ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199511290247.UAA13600>