Subject: Re: su(1) group wheel restriction
To: None <>
From: Hacksaw <>
List: tech-userlevel
Date: 01/09/1997 12:13:12
>>Date: Thu, 9 Jan 1997 09:53:14 -0500
>>From: Greg Hudson <>
>>It seems poor to me that the only way to configure a machine to allow
>>arbitrary users to su to root is to give up having a name for group 0.
>>Assuming we want to solve this problem, there are two solutions I can
>>come up with:
>>	* Allow anyone to su to root if gid 0 exists and has no
>>	  members.  Since NetBSD ships with root explicitly belonging
>>	  to group wheel, the default behavior will not change.
>I prefer this solution.

I think this is a bad solution, for the simple reason that I use wheel
as a "Power Users" group, so that those in the know can install into
/usr/local/ and whatnot. Since not much gets shipped as being owned by
group wheel, this affords fewer surprises for me the sys-admin.