From owner-freebsd-hackers  Fri Aug  2 15:06:49 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id PAA05280
          for hackers-outgoing; Fri, 2 Aug 1996 15:06:49 -0700 (PDT)
Received: from misery.sdf.com (misery.sdf.com [204.244.210.193])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id PAA05268
          for <freebsd-hackers@FreeBSD.ORG>; Fri, 2 Aug 1996 15:06:45 -0700 (PDT)
Received: from misery.sdf.com (misery.sdf.com [204.244.210.193]) by misery.sdf.com (8.7.5/UNS-1.0) with SMTP id PAA23991; Fri, 2 Aug 1996 15:22:55 -0700 (PDT)
Date: Fri, 2 Aug 1996 15:22:54 -0700 (PDT)
From: Tom Samplonius <tom@sdf.com>
To: pius@ienet.com
cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: su question
In-Reply-To: <199608022120.OAA28784@iago.ienet.com>
Message-ID: <Pine.NEB.3.94.960802151945.23891A-100000@misery.sdf.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


On Fri, 2 Aug 1996 pius@ienet.com wrote:

> Just out of curiosity,
> 
> when someone does an su to root, why does su check that the
> username is explicitly listed as a member of group 0 in /etc/group
> instead of just making sure that the user is part of that group
> with getgroups(2)? In other words, why should a user with a group
> ID of 0 in /etc/passwd also have to be listed as a member of wheel
> in /etc/group in order to su to root?
> 
> Thanks,
> Pius

  For security reasons.

Tom