Date:      Tue, 25 Feb 1997 16:25:36 -0800 (PST)
From:      Mike Pritchard <mpp>
To:        burton@bsampley.vip.best.com (Burton Sampley)
Cc:        guido@gvr.win.tue.nl, chuckr@glue.umd.edu, danny@panda.hilink.com.au, ache@nagual.ru, guido@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-usrbin@freefall.freebsd.org
Subject:   Re: cvs commit: src/usr.bin/su su.1 su.c
Message-ID:  <199702260025.QAA28392@freefall.freebsd.org>
In-Reply-To: <Pine.BSF.3.91.970225152537.202A-100000@bsampley.vip.best.com> from "Burton Sampley" at Feb 25, 97 03:33:33 pm

Burton Sampley wrote:
> 
> I have to take a minute to throw in my 2 cents here.  After working in 
> the EDP Audit Department for a major bank in the US, the thought of a co. 
> not knowing who has access to root privs is a little frightening.  What's 
> the co.'s reasoning for this kind of setup?  I would hope it's *NOT* a 
> mission critical, production box.

Let's review how things work again:

If a user is a member of group wheel, and they know the root password, they
can su to root.

If only root is a member of group wheel, then no one can su to root,
even if they know the root password.

If group wheel has no members, then anyone who knows the root password 
can su to root.
-- 
Mike Pritchard
mpp@FreeBSD.org
"Go that way.  Really fast.  If something gets in your way, turn"
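
The three rules in the message above, written out as a check over one `/etc/group`-format line. This is an added example, not part of the original message and not code from su.c; `wheel_check`, the `su_check` enum and the sample lines are hypothetical, and it assumes membership means being named in the line's member field.

```c
#include <stdio.h>
#include <string.h>

/* Outcome of the wheel check, before the root password is even asked for. */
enum su_check { SU_DENIED = 0, SU_ALLOWED_MEMBER = 1, SU_ALLOWED_EMPTY_WHEEL = 2 };

/*
 * Apply the three rules from the message to one /etc/group-format line
 * ("name:passwd:gid:member,member,...") describing group wheel.
 * Hypothetical helper: it parses text rather than calling getgrgid().
 */
enum su_check wheel_check(const char *group_line, const char *user)
{
    char buf[512];
    char *members, *name;

    /* Work on a copy; fail closed on lines that do not fit or lack 4 fields. */
    if (strlen(group_line) >= sizeof(buf))
        return SU_DENIED;
    strcpy(buf, group_line);
    buf[strcspn(buf, "\r\n")] = '\0';
    members = buf;
    for (int i = 0; i < 3; i++) {
        members = strchr(members, ':');
        if (members == NULL)
            return SU_DENIED;
        members++;
    }

    /* Rule 3: no members listed, so only the root password stands in the way. */
    if (*members == '\0')
        return SU_ALLOWED_EMPTY_WHEEL;

    /* Rules 1 and 2: a non-empty list admits only the users named in it. */
    for (name = strtok(members, ","); name != NULL; name = strtok(NULL, ","))
        if (strcmp(name, user) == 0)
            return SU_ALLOWED_MEMBER;
    return SU_DENIED;
}

int main(void)
{
    /* Constructed sample lines, not taken from any real system. */
    const char *lines[] = { "wheel:*:0:root,alice", "wheel:*:0:root", "wheel:*:0:" };
    for (int i = 0; i < 3; i++)
        printf("%-22s bob -> %d\n", lines[i], wheel_check(lines[i], "bob"));
    return 0;
}
```

An audit script can treat `SU_ALLOWED_EMPTY_WHEEL` as a finding in its own right, since in that state the group restriction is not in effect for any account.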