Date: Sat, 4 May 2002 08:40:04 -0700 (PDT) From: Gleb Smirnoff <glebius@cell.sick.ru> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/37733: su(1) does not behave the way it is described in man Message-ID: <200205041540.g44Fe4j38556@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/37733; it has been noted by GNATS. From: Gleb Smirnoff <glebius@cell.sick.ru> To: Ceri Davies <setantae@submonkey.net>, FreeBSD-gnats-submit@FreeBSD.org Cc: Subject: Re: bin/37733: su(1) does not behave the way it is described in man Date: Sat, 4 May 2002 19:34:01 +0400 On Sat, May 04, 2002 at 02:53:01PM +0100, Ceri Davies wrote: C> > But if user is not listed in group wheel and his primary group is 0, C> > he is allowed to su root. As it is said in comment in su.c, this C> > is the desired behavior. This is quite different to manpage. C> C> If your primary group is 0, then you *are* in wheel (which is the group with C> gid 0). So there is no way to give user wheel rights (for reading many files and logs), but do not permit him to su root? btw, OpenBSD's su behaves exactly the way described in man: it allows to su root only users listed in wheel group in /etc/group. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205041540.g44Fe4j38556>