Date: Tue, 25 Feb 1997 01:09:04 +0300 (MSK) From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.ru> To: Guido van Rooij <guido@freefall.freebsd.org> Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org Subject: Re: cvs commit: src/usr.bin/su su.1 su.c Message-ID: <Pine.BSF.3.95q.970225010600.1497A-100000@nagual.ru> In-Reply-To: <199702242032.MAA15843@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 24 Feb 1997, Guido van Rooij wrote: > guido 97/02/24 12:32:27 > > Modified: usr.bin/su su.1 su.c > Log: > When group wheel is empty, allow everyone to su to root. This has normally > no conseqeunces as we ship with a non-empty wheel. I disagree. Some sysadmins intentionally make it empty to disallow 'su' and allow only root login from console. Also implicit defaults in this way can be potential hole. Direct list of users here shows better who currently have access than empty default with unknown users list, please back it out. -- Andrey A. Chernov <ache@null.net> http://www.nagual.ru/~ache/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970225010600.1497A-100000>