Re: [expert] What is "wheel" is it safe & how do I use it?

Sun, 29 Dec 2002 13:03:39 -0800

Really? I mean if you create an admin user can't you then restrict root from ever logging on?

Sridhar Dhanapalan wrote:
No matter what you call it, root is still UID 0 ('zero'). A cracker can simply
use 'UID 0' instead of 'root'. In other words, there is no real use in renaming
the root user.


On Sun, 29 Dec 2002 01:32:45 -0800, Jim C <[EMAIL PROTECTED]> wrote:
I don't find myself particularly impressed by it then I am afraid. Specifically I am refering to the use of a standardized name for the group. I mean wouldn't it be better to create an admin group with a misleading name that sounds like it is used by a program or one that sounds like the exact opposite of what it is or perhaps one that has no specific meaning? One might even create a fake user account for su ownershp and put the admin users in that accounts group while restricting that user from ever logging on. One might then also restrict the permissions on su sufficiently that an ordinary user cannot display who owns it.

Michael Viron wrote:

You can use linux to lock out "su" access to only the wheel group.

The steps are:
Change the group ownership on su to root:wheel .
Next, remove execute permission from "other" on su.

Michael

--
Michael Viron
Core System Administration Team
Simple End User Linux


At 04:03 PM 12/28/2002 -0800, you wrote:



I can tell you how it's used in BSD nix although I haven't seen it used
for much in Linux.  In BSD only users in who's primary group is wheel
can su to root.  All others are locked out.  Groups also allow for
access control to files / directories etc.  One just needs to edit
/etc/group to remove and or add a user to a group and give/remove
access.

James


On Sat, 2002-12-28 at 13:39, Jim C wrote:
My understanding is that there is a group called "wheel" that allows a user to have administrative privileges. I remember trying to get it to work some time ago but I've never been successful. This may have been because of my msec setting or something but I don't know. Can anybody give me tips on it's use?







------------------------------------------------------------------------



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com








Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com























					Reply via email to