Date: Tue, 4 Mar 1997 15:26:01 +0000 (GMT) From: Adam David <adam@veda.is> To: mrm@Mole.ORG (M.R.Murphy) Cc: wollman@lcs.mit.edu, current@freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c Message-ID: <199703041526.PAA10491@veda.is> In-Reply-To: <199703041457.GAA14620@meerkat.mole.org> from "M.R.Murphy" at "Mar 4, 97 06:57:09 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> I'll grant that the overloading of the use of the "wheel" group > might have been an injudicious choice. I prefer sudo :-) Yep. > The current behavior allows the three cases mentioned above: > > 1) only root can su, > 2) named users can su, > 3) anyone can su > > How would the "correct behavior of the command to call getgroups > and check the result for a GID of 0" provide for the three cases > above without enumerating all users as in 2)? 1) Root is a named user, don't name any others. 2) Name them (traditionally in group 'wheel', but could be elsewhere). 3) /etc/su.conf -- Adam David <adam@veda.is>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703041526.PAA10491>