On Thu, 26 Jul 2001, Sheldon Hearn wrote:
> On Wed, 25 Jul 2001 19:20:45 MST, Kris Kennaway wrote:
>
> > Isn't this backwards? Code shouldn't be making assumptions about the
> > special meaning of numeric gids. What if you wanted to renumber gid
> > wheel to something else?
>
> So? My primary group is 0. In /etc/group, group wheel's numeric value
> is 0.
The FreeBSD 4.3 manpage says:
Only users who are a member of group 0 (normally ``wheel'') can su to
``root''. If group 0 is missing or empty, any user can su to
``root''.
The OpenBSD-current manpage says (more explicitly):
If group 0 (normally ``wheel'') has users listed then only those
users can su to ``root''. It is not sufficient to change a user's
/etc/passwd entry to add them to the ``wheel'' group; they must
explicitly be listed in /etc/group. If no one is in the ``wheel''
group, it is ignored, and anyone who knows the root password is
permitted to su to ``root''.
The FreeBSD -CURRENT manpage doesn't mention wheel at all, referring the
reader to pam.conf to work out the semantics. I think this is a loss -
the defaults for su in pam.conf should at least be covered in the manpage.
Joshua
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
