From owner-cvs-usrbin  Mon Feb 24 14:46:44 1997
Return-Path: <owner-cvs-usrbin>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id OAA25350
          for cvs-usrbin-outgoing; Mon, 24 Feb 1997 14:46:44 -0800 (PST)
Received: from sequent.kiae.su (sequent.kiae.su [193.125.152.6])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id OAA25317;
          Mon, 24 Feb 1997 14:45:29 -0800 (PST)
Received: by sequent.kiae.su id AA25514
  (5.65.kiae-2 ); Tue, 25 Feb 1997 01:25:19 +0300
Received: by sequent.KIAE.su (UUMAIL/2.0); Tue, 25 Feb 97 01:25:17 +0300
Received: (from ache@localhost)
	by nagual.ru (8.8.5/8.8.5) id BAA01507;
	Tue, 25 Feb 1997 01:09:10 +0300 (MSK)
Date: Tue, 25 Feb 1997 01:09:04 +0300 (MSK)
From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.ru>
To: Guido van Rooij <guido@freefall.freebsd.org>
Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org,
        cvs-usrbin@freefall.freebsd.org
Subject: Re: cvs commit:  src/usr.bin/su su.1 su.c
In-Reply-To: <199702242032.MAA15843@freefall.freebsd.org>
Message-Id: <Pine.BSF.3.95q.970225010600.1497A-100000@nagual.ru>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-usrbin@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 24 Feb 1997, Guido van Rooij wrote:

> guido       97/02/24 12:32:27
> 
>   Modified:    usr.bin/su  su.1 su.c
>   Log:
>   When group wheel is empty, allow everyone to su to root. This has normally
>   no conseqeunces as we ship with a non-empty wheel.

I disagree. Some sysadmins intentionally make it empty to disallow 'su'
and allow only root login from console. Also implicit defaults in this way
can be potential hole. Direct list of users here shows better who
currently have access than empty default with unknown users list, please
back it out.

-- 
Andrey A. Chernov
<ache@null.net>
http://www.nagual.ru/~ache/