From owner-freebsd-chat  Tue Aug 15  9:55:52 2000
Delivered-To: freebsd-chat@freebsd.org
Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20])
	by hub.freebsd.org (Postfix) with ESMTP id D441337BE19
	for <freebsd-chat@FreeBSD.ORG>; Tue, 15 Aug 2000 09:55:50 -0700 (PDT)
	(envelope-from bright@fw.wintelcom.net)
Received: (from bright@localhost)
	by fw.wintelcom.net (8.10.0/8.10.0) id e7FGsVs01154;
	Tue, 15 Aug 2000 09:54:31 -0700 (PDT)
Date: Tue, 15 Aug 2000 09:54:31 -0700
From: Alfred Perlstein <bright@wintelcom.net>
To: j mckitrick <jcm@FreeBSD-uk.eu.org>
Cc: Joe Barnhart <flaboy@gnv.fdt.net>, freebsd-chat@FreeBSD.ORG
Subject: Re: Why I Don't Do Linux
Message-ID: <20000815095431.X4854@fw.wintelcom.net>
References: <20000815164645.D39188@dogma.freebsd-uk.eu.org> <Pine.LNX.4.05.10008151221230.31830-100000@yoda.fdt.net> <20000815174938.B40029@dogma.freebsd-uk.eu.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.4i
In-Reply-To: <20000815174938.B40029@dogma.freebsd-uk.eu.org>; from jcm@FreeBSD-uk.eu.org on Tue, Aug 15, 2000 at 05:49:38PM +0100
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

* j mckitrick <jcm@FreeBSD-uk.eu.org> [000815 09:49] wrote:
> | > On Tue, Aug 15, 2000 at 10:33:40AM -0500, David Scheidt wrote:
> | > | If I got root, you don't have an sulog.  Funny how that works, eh? 
> | > 
> | > So you mean that with the wheel group, you always know who su'ed, while
> | > under the linux model, this is not true.  Do i understand correctly?
> 
> I guess to state what i mean more accurately, while the su attempts are
> logged in linux AND BSD, disallowing remote root logins means a person must
> login as themself FIRST, then SU, thus allowing all changes they have made
> to be tracked to them more easily, correct?  Is this the accountability that
> was referred to?

ARGH! no!  The idea is that let's say I'm in wheel and my PFY is
also in wheel but Joe Clueless is in the next cube over from me
and overhears me telling the PFY to root password, Joe Clueless
still won't be able to su to root.

-- 
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message