From owner-freebsd-questions Wed Jan 3 20:22:50 2001 From owner-freebsd-questions@FreeBSD.ORG Wed Jan 3 20:22:47 2001 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from bryden.apana.org.au (bryden.apana.org.au [203.3.126.129]) by hub.freebsd.org (Postfix) with ESMTP id 02AA637B400 for ; Wed, 3 Jan 2001 20:22:45 -0800 (PST) Received: from roadrunner (roadrunner.apana.org.au [203.3.126.132]) by bryden.apana.org.au (8.11.1/8.11.1) with SMTP id f044FLM26293; Thu, 4 Jan 2001 14:15:22 +1000 (EST) (envelope-from dougy@bryden.apana.org.au) Message-ID: <027901c07607$5e899f20$847e03cb@apana.org.au> From: "Doug Young" To: "Tim McMillen" , , References: <8c.ac9607.278548f5@aol.com> <024d01c07601$6de2d140$847e03cb@apana.org.au> <01010323163004.08422@tim.elnsng1.mi.home.com> Subject: Re: Su[2] was:(no subject) Date: Thu, 4 Jan 2001 14:32:31 +1000 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hey I'm no expert :) ...... I guess its to do with maximizing security though. The general idea is to control what applications users can run. Our policy here is to not have any users (even sysadmins) in wheel group. The only true root access is at the actual machine & users are given su access to only those functions necessary for them to do whatever they need. > > Do you know why not? Details, I need details. :) > > > at least add the users to another group & then add the group to > > wheel, > > Is that why when I added a user with adduser to wheel that I was > actually added to gid 0 and 0 is in wheel? What advantage does that > have? > > Tim > > >or preferably use something like > > sudo so you have more control over what users can do > > ----- Original Message ----- > > From: MaTrIxDPN@aol.com > > To: freebsd-questions@FreeBSD.ORG > > Sent: Thursday, January 04, 2001 1:33 PM > > Subject: Re: (no subject) > > > > > > It saids i cant su from this account, i cant remember what group it > > had to be, what group is it? > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message