super user clone & x-server disabling
phr at doc.ic.ac.uk
Fri Aug 23 16:54:00 CDT 2002
On Fri, 23 Aug 2002 John_L_Jones at dell.com wrote:
>I may be way out in left field on this but...
>On other Unix systems, you can add a user to the wheel group and then should
>be able to function as root, but with a user name.
>Anyone correct me if I am wrong with this. I *believe* this is how it works
No. The wheel group is just a convention for "trusted users". It gives
no special privileges other than those the sysadmin chooses to bestow by
chgrp'ing files to wheel. RH73 ships with no such files.
For example, a common security measure is to put /bin/su in the wheel
group, then "chmod 4750 /bin/su". This can also be done to utilities
not usually SUID root, e.g. tcpdump.
There is no other magic that would allow a non-root wheel member to
chown files, manipulate network interfaces, bypass file permissions etc.
More information about the Linux-PowerEdge