On Sat, Apr 10, 2004 at 11:57:41PM +1200, Nick Rout wrote:
> can you tell us a little more about the wheel group's use and abuse? I
> have never understood quite what it was for, where it got it's name
> etc. Apart from the fact that I need to be in the group, in some
> distro's, in order to su. And that I have seen it in BSD :-)
Take a look at the 'wheel bit' and 'wheel' entries in the Jargon File,
then take a look at the last section of the GNU su(1) info page.
Note that the Jargon File entry for 'wheel bit' says that this bit was
introduced into TENEX (aka TWENEX), which became TOPS-20. This is not
quite correct--the wheel bit existed in later releases of TOPS-10 before
TENEX was around, as can be evidenced by reviewing the TOPS-10 source
code available online, and as documented by some of the people who wrote
TOPS-10.
Here's an almost-totally-devoid-of-details summary of wheel:
Intially the TOPS-10 system allowed users to perform almost any
action--all users were effectively superusers, if they wanted to
active/abuse privileges. As time went on, the 'wheel bit' was added to
TOPS-10 (and other systems) so that particular accounts could be marked
as authorised/trusted superusers--this was enabled by setting the wheel
bit for that account. The user could then run processes with the wheel
bit set to run that process in superuser mode.
Note: I've used modern terminology above to make it easier to relate the
concepts to modern Unix systems.
Later, the wheel group (GID 0) was added to BSD as both a homage and a
well-understood existing concept from earlier systems. On these
systems, a user must be a member of the wheel group to change their UID
to 0 (e.g. via su(1)). This is how we know of the wheel group today.
Cheers,
-mjg
--
Matthew Gregan |/
/| [EMAIL PROTECTED]
