Date: Tue, 15 Aug 2000 09:54:31 -0700 From: Alfred Perlstein <bright@wintelcom.net> To: j mckitrick <jcm@FreeBSD-uk.eu.org> Cc: Joe Barnhart <flaboy@gnv.fdt.net>, freebsd-chat@FreeBSD.ORG Subject: Re: Why I Don't Do Linux Message-ID: <20000815095431.X4854@fw.wintelcom.net> In-Reply-To: <20000815174938.B40029@dogma.freebsd-uk.eu.org>; from jcm@FreeBSD-uk.eu.org on Tue, Aug 15, 2000 at 05:49:38PM %2B0100 References: <20000815164645.D39188@dogma.freebsd-uk.eu.org> <Pine.LNX.4.05.10008151221230.31830-100000@yoda.fdt.net> <20000815174938.B40029@dogma.freebsd-uk.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
* j mckitrick <jcm@FreeBSD-uk.eu.org> [000815 09:49] wrote: > | > On Tue, Aug 15, 2000 at 10:33:40AM -0500, David Scheidt wrote: > | > | If I got root, you don't have an sulog. Funny how that works, eh? > | > > | > So you mean that with the wheel group, you always know who su'ed, while > | > under the linux model, this is not true. Do i understand correctly? > > I guess to state what i mean more accurately, while the su attempts are > logged in linux AND BSD, disallowing remote root logins means a person must > login as themself FIRST, then SU, thus allowing all changes they have made > to be tracked to them more easily, correct? Is this the accountability that > was referred to? ARGH! no! The idea is that let's say I'm in wheel and my PFY is also in wheel but Joe Clueless is in the next cube over from me and overhears me telling the PFY to root password, Joe Clueless still won't be able to su to root. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000815095431.X4854>