Subject: Re: su(1) group wheel restriction
To: None <hacksaw@user1.channel1.com>
From: Mike Long <mike.long@analog.com>
List: tech-userlevel
Date: 01/09/1997 13:23:57
>Date: Thu, 9 Jan 1997 12:13:12 -0500 (EST)
>From: Hacksaw <hacksaw@user1.channel1.com>
>
>>>Date: Thu, 9 Jan 1997 09:53:14 -0500
>>>From: Greg Hudson <ghudson@mit.edu>

>>>	* Allow anyone to su to root if gid 0 exists and has no
>>>	  members.  Since NetBSD ships with root explicitly belonging
>>>	  to group wheel, the default behavior will not change.

>I think this is a bad solution, for the simple reason that I use wheel
>as a "Power Users" group, so that those in the know can install into
>/usr/local/ and whatnot. Since not much gets shipped as being owned by
>group wheel, this affords fewer surprises for me the sys-admin.

It's easy enough to create and use another group for that; you don't
need to use wheel.  That's the whole *point* of the group mechanism,
to give various overlapping sets of users permission to do specific
things.

I don't see any need to fix something that isn't really broken.
-- 
Mike Long <mike.long@analog.com>     <URL:http://www.shore.net/~mikel>
VLSI Design Engineer         finger mikel@shore.net for PGP public key
Analog Devices, CPD Division          CCBF225E7D3F7ECB2C8F7ABB15D9BE7B
Norwood, MA 02062 USA       (eq (opinion 'ADI) (opinion 'mike)) -> nil