From owner-freebsd-security@FreeBSD.ORG Thu Jul 21 20:11:32 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AA45216A421 for ; Thu, 21 Jul 2005 20:11:32 +0000 (GMT) (envelope-from asym@rfnj.org) Received: from mail.rfnj.org (ns1.rfnj.org [66.180.172.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7139543D6D for ; Thu, 21 Jul 2005 20:11:02 +0000 (GMT) (envelope-from asym@rfnj.org) Received: by mail.rfnj.org (Postfix, from userid 65534) id A7737304; Thu, 21 Jul 2005 16:10:34 -0400 (EDT) Received: from megalomaniac.rfnj.org (ool-45736df1.dyn.optonline.net [69.115.109.241]) by mail.rfnj.org (Postfix) with ESMTP id 19367195; Thu, 21 Jul 2005 16:10:33 -0400 (EDT) Message-Id: <6.2.1.2.2.20050721161021.0390e010@mail.rfnj.org> X-Mailer: QUALCOMM Windows Eudora Version 6.2.1.2 Date: Thu, 21 Jul 2005 16:11:36 -0400 To: Stephen Major , From: asym In-Reply-To: <42dffdf5.3cc8b1ad.3d8c.315f@mx.gmail.com> References: <42dffdf5.3cc8b1ad.3d8c.315f@mx.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on rfnj.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=20.0 tests=none autolearn=failed version=3.0.4 Cc: Subject: Re: Adding OpenBSD sudo to the FreeBSD base system? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jul 2005 20:11:32 -0000 At 15:56 7/21/2005, Stephen Major wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA512 > >"All you need to do is uncomment that and viola, you have default su >behavior -- anyone in the wheel group allowed to sudo as any other user." > >Exactly! Every other user can sudo. How EXACTLY do you come to that conclusion? I imagine it has something to do with why you also decided to quote as you did, instead of letting the mailreader do it for you. Uncomment the line I indicated and every user IN THE WHEEL GROUP can sudo. EXACTLY how su works.