Rafael R. Sevilla wrote:
> This is not entirely true. Try to install the BSD version of 'su',
> not the GNU version which most distros install by default. The BSD
> version has the notion of a 'wheel' group; only people who are members
> of the 'wheel' group can use the 'su' command.
>
> There's a far easier way I think, chmod 'su' to 4750, and let it be
> owned by user 'root' and group 'wheel'.
This reminds me of the original manpage of GNU 'su', written by none
other than RMS himself. It used to be standard but around 4 or so years
ago, it started getting expurgated in a lot of distros, notably red hat.
Now, hardly any distro retains the RMS written man page. In the latest
debian, it is not even in the manpage anymore (it used to be) but you
can still find it if you 'info su'
I reprint RMS' diatribe from the original 'su' manpage on "Why GNU su
does not support the `wheel' group", for the edification of the readers:
<blockquote>
Why GNU `su' does not support the `wheel' group
===============================================
(This section is by Richard Stallman.)
Sometimes a few of the users try to hold total power over all the
rest. For example, in 1984, a few users at the MIT AI lab decided to
seize power by changing the operator password on the Twenex system and
keeping it secret from everyone else. (I was able to thwart this coup
and give power back to the users by patching the kernel, but I wouldn't
know how to do that in Unix.)
However, occasionally the rulers do tell someone. Under the usual
`su' mechanism, once someone learns the root password who sympathizes
with the ordinary users, he or she can tell the rest. The "wheel
group" feature would make this impossible, and thus cement the power of
the rulers.
I'm on the side of the masses, not that of the rulers. If you are
used to supporting the bosses and sysadmins in whatever they do, you
might find this idea strange at first.
</blockquote>
Its a shame that stuff like this is being expurgated from the
documentation. Sayang.
--
Inocencio Daniel Cortes Maramba, MD |http://upcm.net/%7eidcm/
Assistant Professor, Medical Informatics Unit|"Insert witty saying here"
College of Medicine |[EMAIL PROTECTED]
University of the Philippines Manila |"Dude, that kicks ass!"
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
