From owner-cvs-all Sun Oct 13 10: 0:39 2002 Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5263A37B401; Sun, 13 Oct 2002 10:00:38 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0182243E7B; Sun, 13 Oct 2002 10:00:38 -0700 (PDT) (envelope-from rwatson@FreeBSD.org) Received: from freefall.freebsd.org (rwatson@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g9DH0bCo008811; Sun, 13 Oct 2002 10:00:37 -0700 (PDT) (envelope-from rwatson@freefall.freebsd.org) Received: (from rwatson@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g9DH0bdC008807; Sun, 13 Oct 2002 10:00:37 -0700 (PDT) Message-Id: <200210131700.g9DH0bdC008807@freefall.freebsd.org> From: Robert Watson Date: Sun, 13 Oct 2002 10:00:37 -0700 (PDT) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/etc group X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG rwatson 2002/10/13 10:00:37 PDT Modified files: etc group Log: Remove root from the kmem, sys, tty, and staff groups in the default configuration. Root privileges override DAC on local file systems and therefore root does not generally need to be a member of a group to access files owned by that group. In the NFS case, require explicit authorization for root to have these privileges. Leave root in operator for dump/restore broadcast reasons; leave root in wheel until discrepencies in the "no users in wheel means any user can su" policy are resolved (possibly indefinitely). Revision Changes Path 1.26 +4 -4 src/etc/group To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message