From owner-freebsd-questions  Thu Nov 11 10:52:29 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from europe.std.com (europe.std.com [199.172.62.20])
	by hub.freebsd.org (Postfix) with ESMTP id C590914C0C
	for <freebsd-questions@freebsd.org>; Thu, 11 Nov 1999 10:52:18 -0800 (PST)
	(envelope-from lowell@world.std.com)
Received: from world.std.com (lowell@world-f.std.com [199.172.62.5])
	by europe.std.com (8.9.3/8.9.3) with ESMTP id NAA24269
	for <freebsd-questions@freebsd.org>; Thu, 11 Nov 1999 13:52:16 -0500 (EST)
Received: (from lowell@localhost)
	by world.std.com (8.9.3/8.9.3) id NAA03592;
	Thu, 11 Nov 1999 13:52:16 -0500 (EST)
To: freebsd-questions@freebsd.org
Subject: Re: Group problems
References: <99110818305400.00416@machine.beastie.org> <Pine.BSF.4.05.9911081025190.12797-100000@fw.wintelcom.net> <19991109231030.A980@marder-1> <rd6n1smh47m.fsf@world.std.com> <19991110195627.A319@marder-1>
From: Lowell Gilbert <lowell@world.std.com>
Date: 11 Nov 1999 13:52:15 -0500
In-Reply-To: Mark Ovens's message of Wed, 10 Nov 1999 19:56:27 +0000
Message-ID: <rd6u2mslv34.fsf@world.std.com>
Lines: 14
X-Mailer: Gnus v5.5/Emacs 20.2
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Mark Ovens <mark@dogma.freebsd-uk.eu.org> writes:

> it (assuming they are members of the group wheel). Surely, from a
> security point of view, only one user (root) should be able to
> halt/reboot a machine; or are all members of wheel supposed to be
> intelligent, considerate (towards other users) individuals?

My answer is the latter.  As I see it, you normally only give "wheel"
access to people who should also have the root password.  

I don't think there's anything wrong with restricting the permissions
on /sbin/shutdown if you want to, though.

Be well.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message