Date: Thu, 16 Nov 2006 16:15:50 -0500 From: Kris Kennaway <kris@obsecurity.org> To: Jean-Yves Lefort <jylefort@FreeBSD.org> Cc: security-team@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org, ports-committers@FreeBSD.org Subject: Re: cvs commit: ports/sysutils/hal Makefile ports/sysutils/hal/files patch-hal.conf.in Message-ID: <20061116211550.GA68969@xor.obsecurity.org> In-Reply-To: <200611161949.kAGJnDr5074353@repoman.freebsd.org> References: <200611161949.kAGJnDr5074353@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--5vNYLRcllDrimb99 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Nov 16, 2006 at 07:49:13PM +0000, Jean-Yves Lefort wrote: > jylefort 2006-11-16 19:49:13 UTC >=20 > FreeBSD ports repository >=20 > Modified files: > sysutils/hal Makefile=20 > Added files: > sysutils/hal/files patch-hal.conf.in=20 > Log: > Give wheel group members the same rights as operator group members. This violates the definition of the wheel group, FYI (even though it might seem expedient), so it can be viewed as a weakening of the security model. Prior to this commit, the only right that the wheel group had was the ability to attempt to su to root, if the user knows the password. Kris --5vNYLRcllDrimb99 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFFXNUGWry0BWjoQKURAkazAKCkTfdlLRxHicBzZm9CPU7Cuf6t3wCeITrg mw6UifpmHRIvF5ZsrBDOEOU= =FryS -----END PGP SIGNATURE----- --5vNYLRcllDrimb99--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061116211550.GA68969>