Subject: Re: su(1) group wheel restriction
To: None <email@example.com>
From: Hacksaw <firstname.lastname@example.org>
Date: 01/09/1997 12:13:12
>>Date: Thu, 9 Jan 1997 09:53:14 -0500
>>From: Greg Hudson <email@example.com>
>>It seems poor to me that the only way to configure a machine to allow
>>arbitrary users to su to root is to give up having a name for group 0.
>>Assuming we want to solve this problem, there are two solutions I can
>>come up with:
>> * Allow anyone to su to root if gid 0 exists and has no
>> members. Since NetBSD ships with root explicitly belonging
>> to group wheel, the default behavior will not change.
>I prefer this solution.
I think this is a bad solution, for the simple reason that I use wheel
as a "Power Users" group, so that those in the know can install into
/usr/local/ and whatnot. Since not much gets shipped as being owned by
group wheel, this affords fewer surprises for me the sys-admin.