Of course since Sun releases patches so slowly that any RAQ can be rooted (for example the /usr/lib/authenticate flaw still waiting for resolution) by anyone with shell access its as if all users have su access and know the password already :(
Tom ----- Original Message ----- From: "Jeff Lasman" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, September 09, 2002 4:18 PM Subject: Re: [cobalt-security] can't su - > Gerald Waugh wrote: > > > Interesting what Stallman says about the wheel group! > > http://www.delorie.com/gnu/docs/sh-utils/su.1.html > > Yes, but he was speaking circa 1985. In 1985 we didn't have myriad > webhosting companies giving their clients login privileges. > > The man page from gnu su from the latest Red Hat (7.3), but that one > doesn't seem to require membership in wheel for su to work. I haven't > tested any RaQs. > > Since we don't offer shell accounts it doesn't matter to us, but if we > did, I'd NOT want people to be able to log into root unless they were > members of wheel. > > Stallman likes to empower people; I don't like to empower them to get > into my servers as root. > > Jeff > -- > Jeff Lasman <[EMAIL PROTECTED]> > Linux and Cobalt/Sun/RaQ Consulting > nobaloney.net, P. O. Box 52672, Riverside, CA 92517 > voice: +1 909 778-9980 * fax: +1 909 548-9484 > _______________________________________________ > cobalt-security mailing list > [EMAIL PROTECTED] > http://list.cobalt.com/mailman/listinfo/cobalt-security > _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
